公开(公告)号：US10037199B2

公开(公告)日：2018-07-31

申请号：US14689787

申请日：2015-04-17

Applicant: VMware, Inc.

Inventor： Perry Hung ,  Harvey Tuch ,  Craig F. Newell ,  Haim Tebeka

IPC: G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00 ,  G06F8/54 ,  G06F21/54 ,  G06F9/54 ,  G06F9/445 ,  G06F21/31 ,  G06F21/60 ,  G06F21/53 ,  H04W12/02 ,  G06F8/61 ,  H04L29/08 ,  H04L29/06 ,  H04W12/00

CPC classification number: G06F8/54 ,  G06F8/61 ,  G06F9/44521 ,  G06F9/54 ,  G06F21/31 ,  G06F21/53 ,  G06F21/54 ,  G06F21/602 ,  G06F21/604 ,  G06F2221/2107 ,  G06F2221/2143 ,  G06F2221/2149 ,  H04L63/0272 ,  H04L63/10 ,  H04L63/20 ,  H04L67/146 ,  H04W12/00 ,  H04W12/0027 ,  H04W12/02

Abstract: In an example, a method of creating a secured workspace in a mobile device includes installing an application management agent on the mobile device, wherein the application management agent is configured to communicate with a remote server to obtain a security policy. The method further includes installing a wrapped enterprise application to the mobile device. The wrapped enterprise application includes code injected therein that, when executed by the mobile device, causes the mobile device to intercept at least a portion of instructions being executed by the wrapped enterprise application and to interpose alternative instructions that comply with the security policy. The method further includes communicating among the wrapped enterprise application, the application management agent, and other wrapped enterprise applications through pasteboard and uniform resource locator (URL) handlers provided by an operating system of the mobile device.

公开(公告)号：US09383983B2

公开(公告)日：2016-07-05

申请号：US13918511

申请日：2013-06-14

Applicant: VMware, Inc.

Inventor： Perry Hung ,  Harvey Tuch

IPC: G06F7/04 ,  G06F9/445 ,  G06F21/54 ,  G06F9/54 ,  G06F21/31 ,  G06F21/60 ,  G06F21/53 ,  H04W12/02 ,  H04L29/08 ,  H04L29/06 ,  H04W12/00

CPC classification number: G06F8/54 ,  G06F8/61 ,  G06F9/44521 ,  G06F9/54 ,  G06F21/31 ,  G06F21/53 ,  G06F21/54 ,  G06F21/602 ,  G06F21/604 ,  G06F2221/2107 ,  G06F2221/2143 ,  G06F2221/2149 ,  H04L63/0272 ,  H04L63/10 ,  H04L63/20 ,  H04L67/146 ,  H04W12/00 ,  H04W12/02

Abstract: Particular embodiments provide a method to authenticate a user of an application running on a mobile operating system (OS) installed on a mobile device, wherein the mobile OS invokes callback methods of the application upon making changes to an execution state of the application. Code embedded into the application causes the application to communicate with a management agent installed in the mobile OS upon invocation of a hooked callback method. Upon invocation of the hooked callback method, the embedded code assesses whether the user should be provided an authentication challenge prior to enabling the application to run in the foreground, and presents the authentication challenge if necessary. Finally, the embedded code returns execution control from the management agent back to the application wherein the application executes the at least one callback method prior to running in the foreground.

Abstract translation: 特定实施例提供了一种验证在安装在移动设备上的移动操作系统（OS）上运行的应用的用户的方法，其中移动OS在对应用的执行状态进行改变时调用应用的回调方法。 嵌入到应用程序中的代码导致应用程序在调用挂钩回调方法时与安装在移动操作系统中的管理代理进行通信。 在调用挂钩回调方法时，嵌入代码评估在使应用程序在前台运行之前是否应该向用户提供认证挑战，并在必要时呈现认证挑战。 最后，嵌入式代码将执行控制从管理代理返回到应用程序，其中应用程序在前台运行之前执行至少一个回调方法。