Abstract: Systems and methods are included for detecting driving based on user-specific models for driving detection, and restricting access to an application of the user device while a user is driving. A management agent installed on the user device can collect data from sensors in a user device and provide the data to a management server, which can build a user-specific model for driving detection for that user. The management agent can then use that user-specific model for detecting when the user is driving. When the agent determines that the user is driving, it can enforce a driving policy that limits access to applications and delay or modify notifications generated by applications.

Abstract: Systems and methods are included for detecting driving based on user-specific models for driving detection, and restricting access to an application of the user device while a user is driving. A management agent installed on the user device can collect data from sensors in a user device and provide the data to a management server, which can build a user-specific model for driving detection for that user. The management agent can then use that user-specific model for detecting when the user is driving. When the agent determines that the user is driving, it can enforce a driving policy that limits access to applications and delay or modify notifications generated by applications.

Abstract: Systems and methods are included for detecting driving based on user-specific models for driving detection, and restricting access to an application of the user device while a user is driving. A management agent installed on the user device can collect data from sensors in a user device and provide the data to a management server, which can build a user-specific model for driving detection for that user. The management agent can then use that user-specific model for detecting when the user is driving. When the agent determines that the user is driving, it can enforce a driving policy that limits access to applications and delay or modify notifications generated by applications.

Abstract: Systems and methods are included for detecting driving based on user-specific models for driving detection, and restricting access to an application of the user device while a user is driving. A management agent installed on the user device can collect data from sensors in a user device and provide the data to a management server, which can build a user-specific model for driving detection for that user. The management agent can then use that user-specific model for detecting when the user is driving. When the agent determines that the user is driving, it can enforce a driving policy that limits access to applications and delay or modify notifications generated by applications.

Abstract: Disclosed are various embodiments for fast and accurate identification of message-based application programming interface (API) calls in applications. A set of compliance rules is obtained from a compliance rule store. A request to analyze an application is received. An application analysis is performed by scanning the application to identify one or more public APIs invoked by the application. The set of compliance rules are enforced on the application based at least in part on the application analysis.

Abstract: Systems and methods are provided for accurately setting notification priority levels for applications on a user device. An example system includes a user device and a management server. When an application generates a notification, it provides a priority level for the notification. A management agent executing on the user device can detect the notification and its assigned priority level, determine a predicted priority level using a prediction engine or prediction server, and cause the application the replace or update the assigned priority level based on the predicted priority level. The management agent can then receive user actions related to that notification from the application, and use that information to determine an observed priority level. The prediction engine or prediction server can be updated based on the observed priority level, thereby dynamically increasing the accuracy of predictions.

Abstract: Disclosed are various embodiments for fast and accurate identification of message-based application programming interface (API) calls in applications. A set of compliance rules is obtained from a compliance rule store. A request to analyze an application is received. An application analysis is performed by scanning the application to identify one or more public APIs invoked by the application.

Abstract: Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.

Abstract: Disclosed are various approaches for injecting resources into wrapped applications. A computing device first obtains a compiled version of a target application package. The computing device then decompiles the compiled version of the target application package to generate a source code version of the target application package. Then, the computing device combines the source code version of the target application package with management component source code. Next, the computing device generates an application resource index. Subsequently, the computing device, modifies the management component source code based at least in part on the application resource index. Finally, the computing device compiles the combined source code version of the target application package and the management component source code to generate a managed application package.

Abstract: A system includes a computing device and a storage device storing computer instructions that are executable by the computing device. The computer instructions cause the computing device to detect a request to render content in a first display of a primary user device. The computer instructions further cause the computing device to determine whether the primary user device satisfies a compliance rule indicating whether the first display of the primary user device is authorized to render the content. In response to determining that the primary user device fails to satisfy the compliance rule, the computer instructions cause the computing device to prevent the content from being rendered in the first display of the primary user device and cause the content to be rendered in a second display of a secondary user device.

Abstract: Disclosed are various embodiments for fast and accurate identification of message-based application programming interface (API) calls in applications. A set of compliance rules is obtained from a compliance rule store. A request to analyze an application is received. An application analysis is performed by scanning the application to identify one or more public APIs invoked by the application.

Abstract: Embodiments relate to a managed application package generator that creates an executables file, a resource file, and a manifest file for a managed application. The executables file comprises an executable for a loader that loads a target application into memory. The resource file comprises a public resource for the target application. The manifest file comprises manifest data for the target application.

Abstract: Embodiments relate to a system that includes a managed application and a workspace manager that are executable by a computing device. The workspace manager obtains a component invocation message from the managed application and determines whether the component invocation message is intended to invoke a public component in a workspace managed by the workspace manger. The workspace manager provides an instruction to the managed application in response to determining whether the component invocation message is intended to invoke the public component in the workspace managed by the workspace manager.

Abstract: Embodiments relate to a system that includes a computing device and a managed application executable by the computing device. The managed application initiates an execution of a target application. The managed application obtains a request from the target application to perform an action. The managed application determines whether the action is permitted by a compliance rule.

Abstract: Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.

Abstract: Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.

Abstract: Disclosed are various embodiments for securely storing and transmitting medical- or health-related information. According to various embodiments described herein, a computing device may enroll or register a client device or a peripheral device associated with the client device in response to the client device or the peripheral device complying with at least one compliance rule. Health information received from the client device or the peripheral device is accessed in response a request received from a requesting service for the health information, wherein the health information as received is encrypted according to a cryptographic key. A determination is made whether consent to send the health information to the requesting service has been provided by a user of the client device. If consent has been provided, the health information received from the client device or the peripheral device is sent to the requesting service.

Abstract: Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.

Abstract: Disclosed are various embodiments for fast and accurate identification of message-based application programming interface (API) calls in Objective-C binaries. An application binary is analyzed to determine a first listing of classes and a first listing of methods. Metadata is extracted from the application to determine a second listing of classes and a second listing of methods. A listing of external classes and a listing of external methods are determined. Data identifying public API definitions is obtained. Public APIs invoked by the application are determined by comparing the external classes and methods with the public API definitions.

Abstract: Disclosed are various embodiments for fast and accurate identification of message-based application programming interface (API) calls in Objective-C binaries. An application binary is analyzed to determine a first listing of classes and a first listing of methods. Metadata is extracted from the application to determine a second listing of classes and a second listing of methods. A listing of external classes and a listing of external methods are determined. Data identifying public API definitions is obtained. Public APIs invoked by the application are determined by comparing the external classes and methods with the public API definitions.