Certificate based profile confirmation

US11824859B2 · US · B2

Patent metadata

Publication number: US-11824859-B2
Application number: US-202117206269-A
Country: US
Kind code: B2
Filing date: Mar 19, 2021
Priority date: Mar 15, 2013
Publication date: Nov 21, 2023
Grant date: Nov 21, 2023

Abstract

Disclosed are various embodiments for controlling access to resources in a network environment. Methods may include installing a profile on the device and installing a certificate included in or otherwise associated with the profile on the device. A request to execute an application, and/or access a resource using a particular application, is received and a determination is made as to whether the certificate is installed on the device based on an identification of the certificate by the application. If the certificate is installed on the device, then execution of the application and/or access to the resource is allowed. If the certificate is not installed on the device, then the request for execution and/or access is refused.

First claim

Therefore, the following is claimed:

1. A method comprising: receiving, at a device from a remote server, a profile and a certificate that is unique to the profile, the profile specifying mandatory settings for the device, wherein installation of the profile by the device causes the certificate to be accessible by the device; sending, by the device, a request to perform at least one of utilizing a resource and executing an application; and receiving, at the device, authorization to perform the at least one of utilizing a resource and executing an application, wherein the authorization is based on: a determination that the certificate is accessible by the device; and a determination that the device is compliant with the specified mandatory settings.

2. The method of claim 1, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored on the device.

3. The method of claim 1, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored remotely from the device and associated with the device.

4. The method of claim 1, wherein one of the mandatory settings includes the device having an embedded certificate installed, the embedded certificate being included in the in the profile.

5. The method of claim 1, wherein the authorization is further based on verifying that the certificate is valid.

6. The method of claim 1, wherein the request includes a request by the device to execute the application to utilize the resource.

7. The method of claim 1, wherein the request further includes a request to provide the application with access to a plurality of additional resources authorized by the certificate in order to provide the application with access to the resource.

8. A non-transitory, computer-readable medium comprising instructions that, when executed by a processor of a device, performs stages comprising: receiving, at a device from a remote server, a profile and a certificate that is unique to the profile, the profile specifying mandatory settings for the device, wherein installation of the profile by the device causes the certificate to be accessible by the device; sending, by the device, a request to perform at least one of utilizing a resource and executing an application; and receiving, at the device, authorization to perform the at least one of utilizing a resource and executing an application, wherein the authorization is based on: a determination that the certificate is accessible by the device; and a determination that the device is compliant with the specified mandatory settings.

9. The non-transitory, computer-readable medium of claim 8, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored on the device.

10. The non-transitory, computer-readable medium of claim 8, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored remotely from the device and associated with the device.

11. The non-transitory, computer-readable medium of claim 8, wherein one of the mandatory settings includes the device having an embedded certificate installed, the embedded certificate being included in the in the profile.

12. The non-transitory, computer-readable medium of claim 8, wherein the authorization is further based on verifying that the certificate is valid.

13. The non-transitory, computer-readable medium of claim 8, wherein the request includes a request by the device to execute the application to utilize the resource.

14. The non-transitory, computer-readable medium of claim 8, wherein the request further includes a request to provide the application with access to a plurality of additional resources authorized by the certificate in order to provide the application with access to the resource.

15. A device, comprising: a memory storage including a non-transitory, computer-readable medium comprising instructions; and at least one processor that executes the instructions to carry out stages comprising: receiving, at a device from a remote server, a profile and a certificate that is unique to the profile, the profile specifying mandatory settings for the device, wherein installation of the profile by the device causes the certificate to be accessible by the device; sending, by the device, a request to perform at least one of utilizing a resource and executing an application; and receiving, at the device, authorization to perform the at least one of utilizing a resource and executing an application, wherein the authorization is based on: a determination that the certificate is accessible by the device; and a determination that the device is compliant with the specified mandatory settings.

16. The device of claim 15, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored on the device.

17. The device of claim 15, wherein the determination that the certificate is accessible by the device includes determining whether the certificate is stored remotely from the device and associated with the device.

18. The device of claim 15, wherein one of the mandatory settings includes the device having an embedded certificate installed, the embedded certificate being included in the in the profile.

19. The device of claim 15, wherein the authorization is further based on verifying that the certificate is valid.

20. The device of claim 15, wherein the request includes a request by the device to execute the application to utilize the resource.

Assignees

Airwatch Llc

Classifications

  • H04L63/10 (Primary): for controlling access to devices or network resources

  • G06F21/30 (Primary): Authentication, i.e. establishing the identity or authorisation of security principals

  • using certificates

  • for accessing specific resources, e.g. using Kerberos tickets

  • Program or device authentication

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Airwatch Llc
What technology area does this patent fall under?
Primary CPC classification H04L63/10. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 21, 2023 (B2). Legal status and post-grant events are not shown on this page.