Application program as key for authorizing access to resources
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
G06F-021/10
G06F-021/33
G06F-021/62
H04L-029/08
출원번호
US-0943293
(2015-11-17)
등록번호
US-9847986
(2017-12-19)
발명자
/ 주소
Stuntebeck, Erich
출원인 / 주소
AirWatch LLC
인용정보
피인용 횟수 :
0인용 특허 :
87
초록▼
In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device ident
In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device identifier. In response to authenticating the user and/or the client device, the authorization service may send to the client side application a request for confirmation that the client device complies with a distribution rule associated with the resource, where the distribution rule requires a specific application or specific type of application to be installed, enabled and/or executing on the client device as a prerequisite to accessing the resource. If the client device complies with the distribution rule, the client side application accesses the resource. Accessing the resource may include receiving an authorization credential required for access to the resource.
대표청구항▼
1. A method comprising: determining, in a client device, whether the client device complies with at least one distribution rule associated with at least one resource;in response to determining that the client device complies with the at least one distribution rule, transmitting a request for access
1. A method comprising: determining, in a client device, whether the client device complies with at least one distribution rule associated with at least one resource;in response to determining that the client device complies with the at least one distribution rule, transmitting a request for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;authorizing the client device to access the resource; andin response to a receiving the authorization to access the requested resource, accessing the requested resource on the client device. 2. The method of claim 1, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device. 3. The method of claim 1, wherein determining whether the client device complies with the at least one distribution rule further comprises: receiving, from an authorization service, a device profile, the device profile including the at least one distribution rule; andstoring the device profile on the client device. 4. The method of claim 3, wherein the determination that the client device complies with the distribution rule is performed by a client side application based upon the device profile. 5. The method of claim 1, wherein the authorization to access the resource comprises an authorization credential required for access to the resource. 6. The method of claim 1, wherein the distribution rule further requires the key application to be executing on the client device as the prerequisite to accessing the resource. 7. A client device comprising: a network connectivity interface for enabling communication between the client device and an authorization service via a network;a memory for storing a client side application and a key application;a processor communicatively coupled to the memory for executing said client side application, wherein the client side application is configured to cause the client device to at least: determine whether the client device complies with at least one distribution rule associated with at least one resource accessible through an authorization service;in response to determining that the client device complies with the at least one distribution rule, transmit a request to the authorization service for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;receive, from the authorization service, authorization to access the resource; andin response to a receiving the authorization to access the requested resource, access the requested resource on the client device. 8. The client device of claim 7, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device. 9. The client device of claim 7, wherein the client device determines whether the client device complies with the at least one distribution rule by: receiving, from the authorization service, a device profile, the device profile including the at least one distribution rule; andstoring the device profile on the client device. 10. The client device of claim 9, wherein the determination that the client device complies with the distribution rule is performed by the client side application based upon the device profile. 11. The client device of claim 7, wherein the authorization to access the resource comprises an authorization credential required for access to the resource. 12. The client device of claim 7, wherein the distribution rule further requires the key application to be executing on the client device as the prerequisite to accessing the resource. 13. A non-transitory computer-readable medium embodying a program executable in a client device, the program, when executed, causing the client device to at least: determine whether the client device complies with at least one distribution rule associated with at least one resource accessible through an authorization service;in response to determining that the client device complies with the at least one distribution rule, transmit a request to the authorization service for access to a resource, the request including an indication that the client device complies with the at least one distribution rule, wherein the distribution rule requires installation of a key application on the client device as a prerequisite to accessing the resource and the request includes a key application identifier identifying the key application;receive, from the authorization service, authorization to access the resource; andin response to a receiving the authorization to access the requested resource, access the requested resource on the client device. 14. The non-transitory computer-readable medium of claim 13, wherein the program, when executed, causes the client device to determine whether the client device complies with the at least one distribution rule by: receiving, from the authorization service, a device profile, the device profile including the at least one distribution rule; andstoring the device profile on the client device. 15. The non-transitory computer-readable medium of claim 14, wherein the determination that the client device complies with the distribution rule is performed by a client side application based upon the device profile. 16. The non-transitory computer-readable medium of claim 15, wherein the authorization to access the resource comprises an authorization credential required for access to the resource. 17. The non-transitory computer-readable medium of claim 13, wherein the request further comprises at least one of a set of user credentials or a device identifier identifying the client device.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (87)
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Administration of protection of data accessible by a mobile device.
Bhaskaran,Harikrishnan, Communication system and method for compressing information sent by a communication device to a target portable communication device.
Johnson, David Nephi; Nielson, Dustin Lance; Griffis, Jr., Jerry E.; Beus, David Kent; Jensen, Nathan Blaine; Street, William; Sherman, Paul Erik; Cook, Michael William; Carter, Stephen R, Credential mapping.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R. Stanley, Global server for authenticating access to remote services.
Sekiya, Shuichi; Hanaki, Naofumi; Watanabe, Keitarou; Kato, Shinichi; Kamino, Itsuki, Information processing apparatus, program, storage medium and information processing system.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Maurya, Sanjiv; Tse, Benson Wei-Ming; VanZile, Frank; Bonham, Larry Dean; Peterson, Phil; Friend, John, Method and system for distributing and updating software in wireless devices.
Bruton, III, David Aro; Overby, Jr., Linwood H.; Rodriguez, Adolfo Francisco, Methods, systems and computer program products for selectively allowing users of a multi-user system access to network resources.
Laird,David; Jones,Martin Kelly, Notification systems and methods enabling user entry of notification trigger information based upon monitored mobile vehicle location.
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Protection of data accessible by a mobile device.
Mann, Dwayne R.; Heard, Robert W.; Burchett, Christopher D.; Gordon, Ian R., Server, computer memory, and method to support security policy maintenance and distribution.
Wolovitz, Lionel; Collins, Tim, Service management system and associated methodology of providing service related message prioritization in a mobile client.
Ng, Mason; Mendez, Daniel J.; Quinlan, Sean Michael, System and method for automatically forwarding email and email events via a computer network to a server computer.
Heard, Robert W.; Mann, Dwayne R.; Burchett, Christopher D.; Gordon, Ian R., System and method for distribution of security policies for mobile devices.
Riggins Mark D. ; Bailes R. Stanley ; Bui Hong O. ; Cowan David I. ; Mendez Daniel I. ; Ng Mason ; Quinlan Sean Michael ; Wagle Prasad ; Ying Christine C. ; Zuleeg Christopher R. ; Aptekar-Strober Jo, System and method for globally accessing computer services.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R., System and method for globally and securely accessing unified information in a computer network.
Mendez,Daniel J.; Riggins,Mark D.; Wagle,Prasad; Bui,Hong Q.; Ng,Mason; Quinlan,Sean Michael; Ying,Christine C.; Zuleeg,Christopher R.; Cowan,David J.; Aptekar Strober,Joanna A.; Bailes,R. Stanley, System and method for globally and securely accessing unified information in a computer network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for securely synchronizing multiple copies of a workspace element in a network.
Ng Mason ; Quinlan Sean Michael ; Ruan Tom ; Mendez Daniel J. ; Zhu Jing ; Cheng ; Jr. Martin ; Williams Matt ; Riggins Mark D., System and method for updating a remote database in a network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for using a global translator to synchronize workspace elements across a network.
Piccionelli, Greg A.; Rittmaster, Ted R., System and process for limiting distribution of information on a communication network based on geographic location.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.