Controlling mobile device access to enterprise resources
US-9529996-B2 · Dec 27, 2016 · US
Anonymized application scanning for mobile devices
US9916446B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9916446-B2 |
| Application number | US-201615098588-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 14, 2016 |
| Priority date | Apr 14, 2016 |
| Publication date | Mar 13, 2018 |
| Grant date | Mar 13, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Disclosed are various approaches for integrating application scanning into a mobile enterprise computing management system. A management service instructs the client device to provide a list of installed applications to the management serviceand receives the list of installed applications from the client device. The management service then adds the list of installed applications to an aggregate listing of applications representing a list of client applications installed on one or more client devices. Subsequently, the management service sends to a scanning service a policy comprising an identifier of a client application that is prohibited on the client device. The management service also sends the aggregate listing of applications to the scanning service. The management service then receives a notification from the scanning service that the prohibited client application is present in the aggregate listing of applications. In response, the management service determines whether the prohibited client application is installed on the client device and instructs the client device perform a remedial action specified by the policy.
First claim
Opening claim text (preview).
Therefore, the following is claimed: 1. A system, comprising: a server comprising a server processor and a server memory; a client device in data communication with the server, the client device comprising a client processor and a client memory; a management service stored in the server memory that, when executed by the server processor, causes the server to at least: add a first command to a command queue associated with the client device, wherein the first command instructs the client device to provide a list of installed applications to the management service receive a first request from the client device for the first command stored in the command queue; send the first command to the client device; receive the list of installed applications from the client device; add the list of installed applications to an aggregate listing of applications, wherein the aggregate listing of applications represents a list of client applications installed on one or more of a plurality of client devices; send to a scanning service a policy comprising an identifier of a prohibited client application, wherein the presence of the prohibited client application is prohibited on the client device; send the aggregate listing of applications to the scanning service; receive a notification from the scanning service, the notification an indication that the prohibited client application is present in the aggregate listing of applications; add a second command to the command queue, wherein the second command instructs the client device to determine whether the prohibited client application is installed on the client device and to perform a remedial action specified by the policy in response to determination that the prohibited client application is installed on the client device; receive a second request from the client device for the second command stored in the command queue; and send the second command to the client device. 2. The system of claim 1 , wherein the remedial action comprises causing the client device to uninstall the prohibited client application. 3. The system of claim 1 , wherein the remedial action comprises causing the client device to upgrade the prohibited client application. 4. The system of claim 1 , wherein the remedial action comprises causing the client device to modify a permission assigned to the prohibited client application. 5. The system of claim 1 , wherein the remedial action comprises causing the client device to modify a setting of the prohibited client application. 6. The system of claim 1 , wherein the prohibited client application comprises a first client application stored in the client memory and the remedial action comprises causing the client device to uninstall a second client application stored in the client memory. 7. The system of claim 1 , wherein the remedial action comprises resetting the client device to an initial state. 8. A method, comprising: adding a first command to a command queue associated with a client device, wherein the first command instructs the client device to provide a list of installed applications to a management service receiving a first request from the client device for the first command stored in the command queue; sending the first command to the client device; receiving the list of installed applications from the client device; adding the list of installed applications to an aggregate listing of applications, wherein the aggregate listing of applications represents a list of client applications installed on one or more of a plurality of client devices; sending to a scanning service a policy comprising an identifier of a prohibited client application, wherein the presence of the prohibited client application is prohibited on the client device; sending the aggregate listing of applications to the scanning service; receiving a notification from the scanning service, the notification an indication that the prohibited client application is present in the aggregate listing of applications; adding a second command to the command queue, wherein the second command instructs the client device to determine whether the prohibited client application is installed on the client device and to perform a remedial action specified by the policy in response to a determination that the prohibited client application is installed on the client device; receiving a second request from the client device for the second command stored in the command queue; and send the second command to the client device. 9. The method of claim 8 , wherein the remedial action comprises causing the client device to uninstall the prohibited client application. 10. The method of claim 8 , wherein the remedial action comprises causing the client device to upgrade the prohibited client application. 11. The method of claim 8 , wherein the remedial action comprises causing the client device to modify a permission assigned to the prohibited client application. 12. The method of claim 8 , wherein the remedial action comprises causing the client device to modify a setting of the prohibited client application. 13. The method of claim 8 , herein the prohibited client application comprises a first client application and the remedial action comprises causing the client device to uninstall a second client application from the client device. 14. The method of claim 8 , wherein the remedial action comprises resetting the client device to an initial state. 15. A non-transitory computer readable medium comprising machine readable instructions that, when executed by a processor of a computing device, cause the computing device to at least: add a first command to a command queue associated with a client device, wherein the first command instructs the client device to provide a list of installed applications to a management service receive a first request from the client device for the first command stored in the command queue; send the first command to the client device; receive the list of installed applications from the client device; add the list of installed applications to an aggregate listing of applications, wherein the aggregate listing of applications represents a list of client applications installed on one or more of a plurality of client devices; send to a scanning service a policy comprising an identifier of a prohibited client application, wherein the presence of the prohibited client application is prohibited on the client device; send the aggregate listing of applications to the scanning service; receive a notification from the scanning service, the notification an indication that the prohibited client application is present in the aggregate listing of applications; add a second command to the command queue the second command instructs client device to determine whether the prohibited client application is installed on the client device and to perform a remedial action specified by the policy in response to a determination that the prohibited client application is installed on the client device; receive a second request from the client device for the second command stored in the command queue; and send the second command to the client device. 16. The non-transitory computer readable medium of claim 15 , the remedial action comprises causing the computing device to uninstall the prohibited client application. 17. The non-transitory computer readable medium of claim 15 , wherein the remedial action comprises causing the computing device to upgrade the prohibited client application. 18. The non-transitory computer re
Assignees
Inventors
Classifications
Test or assess a computer or a system · CPC title
Protecting data · CPC title
Event detection, e.g. attack signature detection · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
- G06F21/56Primary
Computer malware detection or handling, e.g. anti-virus arrangements · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9916446B2 cover?
- Disclosed are various approaches for integrating application scanning into a mobile enterprise computing management system. A management service instructs the client device to provide a list of installed applications to the management serviceand receives the list of installed applications from the client device. The management service then adds the list of installed applications to an aggregate…
- Who is the assignee on this patent?
- Airwatch Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/56. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Mar 13 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).