Policy Based Authentication
US-2019068373-A1 · Feb 28, 2019 · US
US10749870B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10749870-B2 |
| Application number | US-201715818798-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 21, 2017 |
| Priority date | Nov 21, 2017 |
| Publication date | Aug 18, 2020 |
| Grant date | Aug 18, 2020 |
Official abstract text for this publication.
Examples described herein include systems and methods for dynamically determining enrollment requirements and enrolling a user device into a management system. The systems and methods can differ based on the type and version of operating system executing on the user device. With some operating systems, enrollment can be completed through a single application that performs other functionality, such as providing single-sign-on access to enterprise resources. With other operating systems, enrollment can be completed by pausing the first application and requiring installation of an agent application to complete enrollment. The determination of how and when to enroll a user device can be done automatically and can be based on an organizational group to which the user belongs.
Opening claim text (preview).
What is claimed is:
1. A method for enrolling a user device with a management system using a portal application, comprising: receiving, at a management server, an enrollment request from the portal application installed locally on the user device, the portal application storing a user's credentials and displaying icons corresponding to a plurality of applications available to the user, wherein the portal application provides access to a selected application of the plurality of applications by authenticating the user to the selected application; in response to selection of the selected application, establishing management control over the user device by: requesting, by the portal application, enrollment of the user device with the management server; receiving, at the portal application, policies from the management server and enforcing, at the portal application, the policies with respect to the selected application.
2. The method of claim 1, further comprising, as a result of enrolling, allowing the portal application to provide access to an enterprise application.
3. The method of claim 1, wherein the policies include compliance rules for the user device to comply with.
4. The method of claim 1, wherein the portal application authenticates the user to the selected application using a single-sign-on (SSO) service.
5. The method of claim 1, wherein enrolling comprises sending an access token from the management server to the portal application.
6. A non-transitory, computer-readable medium comprising instructions that, when executed by a processor, perform stages for enrolling a user device with a management system using a portal application, the stages comprising: receiving, at a management server, an enrollment request from the portal application installed locally on the user device, the portal application storing a user's credentials and displaying icons corresponding to a plurality of applications available to the user, wherein the portal application provides access to a selected application of the plurality of applications by authenticating the user to the selected application; in response to selection of the selected application, establishing management control over the user device by: requesting, by the portal application, enrollment of the user device with the management server; receiving, at the portal application, policies from the management server and enforcing, at the portal application, the policies with respect to the selected application.
7. The non-transitory, computer-readable medium of claim 6, the stages further comprising, as a result of enrolling, allowing the portal application to provide access to an enterprise application.
8. The non-transitory, computer-readable medium of claim 6, wherein the policies include compliance rules for the user device to comply with.
9. The non-transitory, computer-readable medium of claim 6, wherein the portal application authenticates the user to the selected application using a single-sign-on (SSO) service.
10. The non-transitory, computer-readable medium of claim 6, wherein enrolling comprises sending an access token from the management server to the portal application.
11. A system for enrolling a user device with a management system using a portal application, comprising: a management server having a processor, display, and memory storage; wherein the memory storage contains a non-transitory, computer-readable medium comprising instructions that, when executed by the processor, carry out stages comprising: receiving, at the management server, an enrollment request from the portal application installed locally on the user device, the portal application storing a user's credentials and displaying icons corresponding to a plurality of applications available to the user, wherein the portal application provides access to a selected application of the plurality of applications by authenticating the user to the selected application; in response to selection of the selected application, establishing management control over the user device by: requesting, by the portal application, enrollment of the user device with the management server; receiving, at the portal application, policies from the management server and enforcing, at the portal application, the policies with respect to the selected application.
12. The system of claim 11, the stages further comprising, as a result of enrolling, allowing the portal application to provide access to an enterprise application.
13. The system of claim 11, wherein the policies include compliance rules for the user device to comply with.
14. The system of claim 11, wherein the portal application authenticates the user to the selected application using a single-sign-on (SSO) service.
15. The system of claim 11, wherein enrolling comprises sending an access token from the management server to the portal application.
providing single-sign-on or federations · CPC title
Grouping of entities · CPC title
where a single sign-on provides access to a plurality of computers · CPC title
Tools and structures for managing or administering access control systems · CPC title
to features or functions of an application · CPC title