Security policy enforcement for mobile devices based on device state
US-9705919-B1 · Jul 11, 2017 · US
Syndicating device and application management
US9923873B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9923873-B2 |
| Application number | US-201715620573-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 12, 2017 |
| Priority date | Jul 7, 2014 |
| Publication date | Mar 20, 2018 |
| Grant date | Mar 20, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Techniques to provide syndicated device and application management are disclosed. In various embodiments, a request associated with accessing a third party service is received, for example, at a device management server or other management system. A third party service configuration data is used to configure the managed device to access the third party service directly from the third party service.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: registering, at a device management server, a third party service with which syndicated management is to be provided; receiving, at the device management server from the third party service with which syndicated management is to be provided, an identification of one or more groups associated with the third party service with which syndicated management is to be provided; receiving a request from a managed device to access the third party service with which syndicated management is to be provided; determining that the managed device is included in one of the one or more groups; providing, from the device management server to the managed device, configuration data associated with the third party service, wherein the managed device is configured to access the third party service upon implementing the configuration data associated with the third party service; and receiving a request from the third party service to report a security state of the managed device; and in response to the request, reporting the security state of the managed device to the third party service, wherein the third party service is configured to provide access to the managed device based on the security state. 2. The method of claim 1 , further comprising receiving an indication to add syndication for the third party service. 3. The method of claim 1 , further comprising receiving third party service configuration data. 4. The method of claim 3 , wherein the third party service configuration data is received via an administrative user interface. 5. The method of claim 3 , wherein the third party service configuration data is received at least in part by providing a template and receiving a configuration data instance that reflects a content and structure of the template which has been populated with the third party service configuration data. 6. The method of claim 1 , wherein the one or more groups includes at least one of users, user groups, devices, and/or device groups. 7. The method of claim 1 , further comprising receiving a definition of one or more aspects of device management to be provided to the third party service via the syndicated management. 8. The method of claim 1 , further comprising receiving from the third party service third party service configuration data to be used to configured managed devices to use the third party service. 9. The method of claim 1 , wherein the third party service comprises an authorized third party service to which the device management server has been configured to provide syndicated management of managed devices and/or applications. 10. The method of claim 1 , further comprising providing to the managed device, on behalf of the third party service, using a messaging functionality of the device management server, a notification or other message from the third party service. 11. The method of claim 1 , further comprising providing to the managed device, on behalf of the third party service, a file or other application data from the third party service. 12. The method of claim 1 , further comprising receiving from the third party service a usage data reflecting use by the managed device of the third party service. 13. The method of claim 1 , further comprising receiving from the third party service a device state data associated with the managed device. 14. The method of claim 13 , further comprising using the device state data to perform at the device management server a responsive action with respect to the managed device. 15. The method of claim 14 , wherein the responsive action includes updating a security state of the managed device. 16. The method of claim 15 , further comprising detecting a change in the security state of the managed device and reporting to the third party service data associated with the detected security state change. 17. A system, comprising: a communication interface; and a processor coupled to the communication interface and configured to: register a third party service with which syndicated management is to be provided; receive from the third party service via the communication interface an identification of one or more groups associated with the third party service with which syndicated management is to be provided; receive a request from a managed device to access the third party service with which syndicated management is to be provided; determine that the managed device is included in one of the one or more groups; provide configuration data associated with the third party service to the managed device, wherein the managed device is configured to access the third party service upon implementing the configuration data associated with the third party service; receive a request from the third party service to report a security state of the managed device; and in response to the request, report the security state of the managed device to the third party service, wherein the third party service is configured to provide access to the managed device based on the security state. 18. The system of claim 17 , wherein the processor is further configured to receive via the communication interface an indication to add syndication for the third party service. 19. The system of claim 17 , wherein the processor is further configured to receive via the communication interface third party service configuration data. 20. A computer program product, the computer program product being embodied in a non-transitory computer readable medium and comprising computer instructions for: registering a third party service with which syndicated management is to be provided; receiving from the third party service an identification of one or more groups associated with the third party service with which syndicated management is to be provided; receiving a request from a managed device to access the third party service with which syndicated management is to be provided; determining that the managed device is included in one of the one or more groups; providing configuration data associated with the third party service to the managed device, wherein the managed device is configured to access the third party service upon implementing the configuration data associated with the third party service; receiving a request from the third party service to report a security state of the managed device; and in response to the request, reporting the security state of the managed device to the third party service, wherein the third party service is configured to provide access to the managed device based on the security state.
Assignees
Inventors
Classifications
- H04L63/0272Primary
Virtual private networks · CPC title
Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration · CPC title
Entity profiles · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
Configuration setting · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9923873B2 cover?
- Techniques to provide syndicated device and application management are disclosed. In various embodiments, a request associated with accessing a third party service is received, for example, at a device management server or other management system. A third party service configuration data is used to configure the managed device to access the third party service directly from the third party serv…
- Who is the assignee on this patent?
- Mobile Iron Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0272. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 20 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).