公开(公告)号：US09467474B2

公开(公告)日：2016-10-11

申请号：US14242011

申请日：2014-04-01

Applicant: Citrix Systems, Inc

Inventor： Gary Barton ,  Zhongmin Lang ,  Nitin Desai ,  James Walker

IPC: H04W12/08 ,  H04L29/06 ,  H04L12/24 ,  H04L29/08 ,  G06F21/60 ,  G06F21/62 ,  G06F21/88 ,  H04W8/18 ,  G06F9/455 ,  G06F9/44 ,  G06F3/0481 ,  G06Q10/10 ,  G06F21/35

CPC classification number: H04L63/20 ,  G06F3/0481 ,  G06F9/452 ,  G06F9/45533 ,  G06F21/604 ,  G06F21/6218 ,  G06F21/629 ,  G06F21/88 ,  G06F2221/2143 ,  G06Q10/10 ,  H04L41/046 ,  H04L63/0272 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/10 ,  H04L63/205 ,  H04L67/34 ,  H04W8/18 ,  H04W12/06 ,  H04W12/08

Abstract: Various aspects of the disclosure relate to configuring and providing policies that manage execution of mobile applications. In some embodiments, a user interface may be generated that allows an IT administrator or other operator to set, change and/or add to policy settings. The policy settings can be formatted into a policy file and be made available for download to a mobile device, such as via an application store or to be pushed to the mobile device as part of a data push service. The mobile device, based on the various settings included in the policy file, may perform various actions to enforce the security constraints that are represented by the policy. The various settings that can be included in a policy are numerous and some examples and variations thereof are described in connection with the example embodiments discussed herein.

Abstract translation: 本公开的各个方面涉及配置和提供管理移动应用的执行的策略。 在一些实施例中，可以生成允许IT管理员或其他操作者设置，改变和/或添加到策略设置的用户界面。 策略设置可以被格式化为策略文件，并且可用于下载到移动设备，例如通过应用商店，或作为数据推送服务的一部分被推送到移动设备。 移动设备基于包括在策略文件中的各种设置，可以执行各种动作来强制由策略表示的安全约束。 可以包括在策略中的各种设置是众多的，并且结合本文讨论的示例实施例来描述其一些示例和变型。

公开(公告)号：US10367814B2

公开(公告)日：2019-07-30

申请号：US14735318

申请日：2015-06-10

Applicant: Citrix Systems, Inc.

Inventor： James Walker

IPC: H04L29/06 ,  G06F21/54 ,  G06F21/62

Abstract: Methods and systems for preventing unsecured mobile applications from accessing encrypted resources are presented. In some embodiments, a mobile device may determine that a background process associated with a mobile application is requesting to access an encrypted resource. The mobile device may further determine whether the mobile application has been secured with authentication information. In response to determining that the mobile application has not been secured, the mobile device may suspend the background process until the mobile application has been secured and transmit a request to a mobile application management agent to secure the mobile application using authentication information.

公开(公告)号：US20180239599A1

公开(公告)日：2018-08-23

申请号：US15957642

申请日：2018-04-19

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F8/61 ,  G06F3/0484 ,  G06F21/57 ,  H04W24/02 ,  G06F8/30 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53

CPC classification number: G06F8/61 ,  G06F3/04842 ,  G06F8/30 ,  G06F8/316 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/62 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

公开(公告)号：US20160283198A1

公开(公告)日：2016-09-29

申请号：US14671351

申请日：2015-03-27

Applicant: Citrix Systems, Inc.

Inventor： James Walker

IPC: G06F9/44 ,  G06F9/445 ,  G06Q10/10

CPC classification number: G06F8/30 ,  G06F8/65 ,  G06F9/44505 ,  G06F9/44521 ,  G06Q10/10

Abstract: Systems, methods, and computer-readable media for wrapping an application with field-programmable business logic are presented. In some embodiments, a computing device may load application code of a mobile application. Subsequently, the computing device may modify the application code to wrap the application with an application wrapper that is configured to manage execution of the application based on one or more policy files and configured to intercept one or more functions of the application code, where the one or more policy files each define one or more access controls that are enforced by a device management system on one or more user devices. Subsequently, the computing device may create a library file comprising field-programmable business logic defining implementation code linked to one or more of the functions intercepted by the wrapper. The computing device may then provide the wrapped application and the library file to at least one user device.

Abstract translation: 介绍了使用现场可编程业务逻辑封装应用程序的系统，方法和计算机可读介质。 在一些实施例中，计算设备可以加载移动应用的应用代码。 随后，计算设备可以修改应用代码以用应用程序包装器来包装应用程序，应用程序包装器被配置为基于一个或多个策略文件来管理应用程序的执行，并被配置为拦截应用程序代码的一个或多个功能， 或更多策略文件各自定义由一个或多个用户设备上的设备管理系统实施的一个或多个访问控制。 随后，计算设备可以创建包括现场可编程业务逻辑的库文件，其定义与由包装器截取的一个或多个功能链接的实现代码。 然后，计算设备可以将包裹的应用和库文件提供给至少一个用户设备。

公开(公告)号：US10545748B2

公开(公告)日：2020-01-28

申请号：US15957642

申请日：2018-04-19

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F9/445 ,  G06F8/61 ,  G06F8/52 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  G06F8/30 ,  G06F8/34 ,  G06F3/0484 ,  G06F8/41 ,  G06F8/71 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

公开(公告)号：US09971585B2

公开(公告)日：2018-05-15

申请号：US14752132

申请日：2015-06-26

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F9/44 ,  G06F9/445 ,  G06F9/45 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  G06F3/0484 ,  H04W24/02

CPC classification number: G06F8/61 ,  G06F3/04842 ,  G06F8/30 ,  G06F8/316 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/62 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

公开(公告)号：US09606774B2

公开(公告)日：2017-03-28

申请号：US14671351

申请日：2015-03-27

Applicant: Citrix Systems, Inc.

Inventor： James Walker

IPC: G06F9/44 ,  G06Q10/10 ,  G06F9/445

CPC classification number: G06F8/30 ,  G06F8/65 ,  G06F9/44505 ,  G06F9/44521 ,  G06Q10/10

Abstract: Systems, methods, and computer-readable media for wrapping an application with field-programmable business logic are presented. In some embodiments, a computing device may load application code of a mobile application. Subsequently, the computing device may modify the application code to wrap the application with an application wrapper that is configured to manage execution of the application based on one or more policy files and configured to intercept one or more functions of the application code, where the one or more policy files each define one or more access controls that are enforced by a device management system on one or more user devices. Subsequently, the computing device may create a library file comprising field-programmable business logic defining implementation code linked to one or more of the functions intercepted by the wrapper. The computing device may then provide the wrapped application and the library file to at least one user device.

公开(公告)号：US20170192763A9

公开(公告)日：2017-07-06

申请号：US14752132

申请日：2015-06-26

Applicant: Citrix Systems, Inc.

Inventor： James Walker ,  Zhongmin Lang ,  Gary Barton ,  Vipin Aravindakshan

IPC: G06F9/445 ,  G06F9/45 ,  G06F9/44 ,  H04W24/02 ,  G06F3/0484

CPC classification number: G06F8/61 ,  G06F3/04842 ,  G06F8/30 ,  G06F8/316 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/62 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

公开(公告)号：US20160378451A1

公开(公告)日：2016-12-29

申请号：US14752132

申请日：2015-06-26

Applicant: Citrix Systems, Inc.

Inventor： James Walker

IPC: G06F9/445 ,  G06F9/45 ,  G06F9/44 ,  H04W24/02 ,  G06F3/0484

CPC classification number: G06F8/61 ,  G06F3/04842 ,  G06F8/30 ,  G06F8/316 ,  G06F8/34 ,  G06F8/41 ,  G06F8/52 ,  G06F8/62 ,  G06F8/71 ,  G06F8/72 ,  G06F8/76 ,  G06F21/33 ,  G06F21/53 ,  G06F21/57 ,  H04W24/02

Abstract: Methods and systems are disclosed for providing approaches to generating managed applications from unmanaged applications on a mobile device. The methods and systems may include storing, by a mobile device in a memory of the mobile device, one or more unmanaged applications each comprising a corresponding application bundle and decoding, by the mobile device, the retrieved application bundle corresponding to the first unmanaged application. The methods and systems may also include modifying, by the mobile device, the decoded application bundle corresponding to the first unmanaged application by adding a set of one or more policy-based control instructions, compiling, by the mobile device, the modified application bundle to generate a first managed application, the first managed application being configured to operate in accordance with the set of one or more policy-based control instructions, and providing, by the mobile device, the first managed application.

Abstract translation: 公开了用于提供从移动设备上的非管理应用产生被管理应用的方法的方法和系统。 方法和系统可以包括通过移动设备在移动设备的存储器中存储一个或多个非管理应用，每个应用包括相应的应用束，并且由移动设备解码与第一非管理应用相对应的检索到的应用束。 所述方法和系统还可以包括：通过添加一组一个或多个基于策略的控制指令，由移动设备修改对应于第一非管理应用的解码的应用包，由移动设备将修改的应用包编译成 生成第一被管理应用，所述第一被管理应用被配置为根据所述一组或多个基于策略的控制指令进行操作，并且由所述移动设备提供所述第一被管理应用。

公开(公告)号：US20150373023A1

公开(公告)日：2015-12-24

申请号：US14735318

申请日：2015-06-10

Applicant: Citrix Systems, Inc.

Inventor： James Walker

IPC: H04L29/06

CPC classification number: H04L63/10 ,  G06F21/54 ,  G06F21/62 ,  G06F21/6218 ,  G06F2221/2107 ,  H04L63/20 ,  H04W12/0027

Abstract: Methods and systems for preventing unsecured mobile applications from accessing encrypted resources are presented. In some embodiments, a mobile device may determine that a background process associated with a mobile application is requesting to access an encrypted resource. The mobile device may further determine whether the mobile application has been secured with authentication information. In response to determining that the mobile application has not been secured, the mobile device may suspend the background process until the mobile application has been secured and transmit a request to a mobile application management agent to secure the mobile application using authentication information.

Abstract translation: 提出了防止不安全移动应用访问加密资源的方法和系统。 在一些实施例中，移动设备可以确定与移动应用相关联的后台进程正在请求访问加密的资源。 移动设备还可以确定移动应用是否已经被认证信息保护。 响应于确定移动应用尚未被保护，移动设备可以暂停后台进程直到移动应用已被保护，并且向移动应用管理代理发送请求以使用认证信息来保护移动应用。