Policy-based application management
US-9213850-B2 · Dec 15, 2015 · US
US9280377B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9280377-B2 |
| Application number | US-201313886889-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 3, 2013 |
| Priority date | Mar 29, 2013 |
| Publication date | Mar 8, 2016 |
| Grant date | Mar 8, 2016 |
Official abstract text for this publication.
A method and system for operating an application with multiple modes are described. A plurality of applications may be presented to a user on a mobile device and one of the displayed applications may be selected. The selected application may have one or more contexts that are determined based on one or more operational parameters. For example, a context for the selected application may be that the application is configured to access an enterprise account. Based on the context, the selected application may be run on the mobile device in one of a plurality of operations modes. The operation modes may comprise managed, unmanaged, and partially managed modes, among others.
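The context-to-mode decision described in the abstract, written out as an added Python example; it is not code from the patent. The policy field names, the sample domains and network names, and the downgrade to partially managed mode when a settings check fails are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum
Mode = Enum("Mode", "UNMANAGED PARTIALLY_MANAGED MANAGED")

@dataclass(frozen=True)
class Context:  # operational parameters observed on the device
    account_domain: str        # account used within the application
    on_premises: bool          # device location
    running_apps: frozenset    # other applications currently running
    network: str               # current network connection
    screen_lock: bool          # one device setting (assumed example)

@dataclass(frozen=True)
class AppPolicy:  # per-application policy; all field names are hypothetical
    enterprise_domains: frozenset = frozenset()
    managed_on_premises: bool = False
    trigger_apps: frozenset = frozenset()
    corporate_networks: frozenset = frozenset()
    require_screen_lock: bool = False
    default_mode: Mode = Mode.UNMANAGED

def determine_mode(ctx, policy):
    """Compare each context factor with the app's policy and pick a mode."""
    wants_managed = (
        ctx.account_domain in policy.enterprise_domains
        or (policy.managed_on_premises and ctx.on_premises)
        or bool(ctx.running_apps & policy.trigger_apps)
        or ctx.network in policy.corporate_networks
    )
    if not wants_managed:
        return policy.default_mode
    # Assumption: a failed settings check downgrades to partially managed.
    if policy.require_screen_lock and not ctx.screen_lock:
        return Mode.PARTIALLY_MANAGED
    return Mode.MANAGED

class RunningApp:  # re-evaluates its mode when the context changes
    def __init__(self, policy, ctx):
        self.policy, self.mode = policy, determine_mode(ctx, policy)
    def on_context_change(self, ctx):
        previous, self.mode = self.mode, determine_mode(ctx, self.policy)
        return self.mode is not previous  # True if the mode switched

# Constructed sample data: two apps with different policies, two contexts.
MAIL = AppPolicy(frozenset({"corp.example"}), True, frozenset({"vpn-client"}),
                 frozenset({"CorpWiFi"}), require_screen_lock=True)
BROWSER = AppPolicy(trigger_apps=frozenset({"vpn-client"}))
HOME = Context("mail.example", False, frozenset(), "HomeWiFi", True)
OFFICE = Context("corp.example", True, frozenset(), "CorpWiFi", True)
```

The same office context yields managed mode for `MAIL` and unmanaged mode for `BROWSER`, because each application is compared against its own policy.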
Opening claim text (preview).
What is claimed is:

1. A method comprising: presenting, to a user, an interface comprising a plurality of applications on a computing device; receiving, from the user, a selection for one of the plurality of applications; determining a context for the selected application based on one or more operational parameters of the computing device executing the selected one of the plurality of applications, wherein determining the context comprises: analyzing an account used within the selected application; analyzing a location for the computing device; monitoring whether a predetermined application is running on the computing device; analyzing one or more network connections for the computing device; and analyzing one or more settings for the computing device; comparing the determined context with one or more policies for the selected application, wherein the one or more policies for the selected application differ from one or more policies for a second application, wherein each policy defines one or more access controls set for the selected application, wherein the one or more access controls are enforced by a management system on the computing device when the selected application is executing on the computing device, and wherein the comparison comprises: comparing the account used within the selected application to one or more account policies for the selected application; comparing the location for the computing device to one or more location policies for the selected application; comparing the monitored predetermined application to one or more application policies for the selected application; comparing the one or more detected network connections to one or more network connection policies for the selected application; and comparing the one or more analyzed settings to one or more settings policies for the selected application; determining one of a plurality of operation modes for the selected application based on the comparison of the determined context with the one or more policies for the selected application, wherein the plurality of operation modes comprises at least an unmanaged mode and a managed mode; and running the selected application in the determined operation mode on the computing device.

2. A method according to claim 1, wherein when the account used within the selected application is an enterprise account, the determined one of the plurality of operation modes for the selected application is the managed mode.

3. A method according to claim 1, wherein when the location for the computing device is on company premises, the determined one of the plurality of operation modes for the selected application is the managed mode, and wherein data communicated from the computing device to the selected application running in the managed mode is encrypted.

4. A method according to claim 1, wherein when the predetermined application is monitored to be running on the computing device, the determined one of the plurality of operation modes for the selected application is the managed mode.

5. A method according to claim 1, wherein the context comprises a predetermined default operation mode for the selected application.

6. A method according to claim 1, further comprising: monitoring, while the selected application is running, an updated context for the selected application; and switching from the determined operation mode for the selected application to a different one of the plurality of operation modes based on the monitoring.

7. A method according to claim 6, wherein the updated context comprises one or more of a received indication from the user, an accessed account, an accessed document that comprises a secure document, a detected launch of a predetermined application, a change in a network connection for the computing device, and a monitored location for the computing device running the selected application.

8. A method according to claim 1, wherein running the selected application in the managed mode comprises one or more of encrypting communication for the selected application, encrypting data saved by the selected application, allowing the selected application to access secure documents, allowing the selected application to access secure resources, and allowing the selected application to access a secure portal.

9. A method according to claim 1, wherein the plurality of operation modes further comprises a partially managed mode.

10. A computing device comprising: a processor, wherein the computing device is configured to at least: present, to a user, an interface comprising a plurality of applications on the computing device; receive, from the user, a selection for one of the plurality of applications; determine a context for the selected application based on or more operational parameters of the computing device executing the selected one of the plurality of applications, wherein determining the context comprises; analyze an account used within the selected application; analyze a location for the computing device; monitor whether a predetermined application is running on the computing device; analyze one or more network connections for the computing device; and analyze one or more settings for the computing device; compare the determined context with one or more policies for the selected application, wherein the one or more policies for the selected application differ from one or more policies for a second application, wherein each policy defines one or more access controls set for the selected application, wherein the one or more access controls are enforced by a management system on the computing device when the selected application is executing on the computing device, and wherein the comparison comprises: compare the account used within the selected application to one or more account policies for the selected application; compare the location for the computing device to one or more location policies for the selected application; compare the monitored predetermined application to one or more application policies for the selected application; compare the one or more detected network connections to one or more network connection policies for the selected application; and compare the one or more analyzed settings to one or more settings policies for the selected application; determine one of a plurality of operation modes for the selected application based on the comparison of the determined context with the one or more policies for the selected application, wherein the plurality of operation modes comprises at least an unmanaged mode and a managed mode; and run the selected application in the determined operation mode on the computing device.

11. A computing device of claim 10, wherein when the account used within the selected application is an enterprise account, the determined one of the plurality of operation modes for the selected application is the managed mode.

12. A computing device of claim 10, wherein when the location for the computing device is on company premises, the determined one of the plurality of operation modes for the selected application is the managed mode, and wherein data communicated from the computing device to the selected application running in the managed mode is encrypted.

13. A computing device according to claim 10, wherein when the predetermined application is monitored to be running on the computing device, the determined one of the plurality of operation modes for the selected application is the managed mode.

14. A computing device according to claim 10, wherein the computing device is further configured to at least:
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Dual mode as a secondary aspect · CPC title
Monitoring arrangements for monitoring the configuration of the computing system or of the computing system component, e.g. monitoring the presence of processing resources, peripherals, I/O links, software programs (verification or detection of system hardware configuration G06F11/2247) · CPC title
wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals · CPC title
Multiple levels of security · CPC title