Abstract: Aspects described herein relate to controlling incoming data processing requests or messages and whether the incoming data processing requests are allowed to reach destination applications unmodified. The destination application may be a secure application operating within a secure application wrapper, and the secure application wrapper may determine whether and how much of the request or message is allowed to pass into a managed partition or through the secure application wrapper to reach the secure application for processing.

Abstract: A local computing device may use a remote computing device to host various resources on behalf of the local computing device. The local computing device may receive data related to a graphical window of the remotely hosted resource and generate a graphical window on the local desktop environment for the remotely hosted resource. The local computing device may also update a taskbar to include the remote hosted resource. Window previews may also be generated by the local computing device and the window previews may include snapshots or dynamic images of the graphical window for the remotely hosted resource. In some instances, the snapshots may be provided to the local computing device from the remote computing device.

Abstract: Aspects of a memory and method for accessing the memory are disclosed. The memory includes a plurality of memory cells configured to support a read and write operation in a memory cycle in a first mode and a write only operation in the memory cycle in a second mode. The memory further includes a control circuit configured to generate a read clock for the read operation and a write clock for the write operation. The timing of the write clock is a function of the timing of the read clock in the first mode, and the timing of the memory cycle in the second mode.

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract: Illustrative aspects described herein relate to data security and automatic deletion of data when specific criteria are met. Sensitive data may be protected when sent over unsecured networks or to unsecured or BYOD devices while preventing data leakage by specifying conditions under which the data is to be automatically deleted. This prevention may involve using a managed application to receive a data message from an application on a sending mobile device, such that the managed application is configure to delete the data message when the specified criteria are met. In one embodiment, the data message may include the criteria which, when met, results in the destruction of the data message, thereby allowing a sender to define the criteria. Once the data message is stored on the second mobile device, the receiving application determines whether the destruction criteria have been met. If so, the receiving application deletes the data message.

Abstract: Conductive patterns and methods of using and printing such conductive patterns are disclosed. In certain examples, the conductive patterns may be produced by disposing a conductive material between supports on a substrate. The supports may be removed to provide conductive patterns having a desired length and/or geometry.

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract: Various aspects of the disclosure relate to configuring and providing policies that manage execution of mobile applications. In some embodiments, a user interface may be generated that allows an IT administrator or other operator to set, change and/or add to policy settings. The policy settings can be formatted into a policy file and be made available for download to a mobile device, such as via an application store or to be pushed to the mobile device as part of a data push service. The mobile device, based on the various settings included in the policy file, may perform various actions to enforce the security constraints that are represented by the policy. The various settings that can be included in a policy are numerous and some examples and variations thereof are described in connection with the example embodiments discussed herein.

Abstract: According to some aspects disclosed herein, a system for remote assistance and control of user devices subject to one or more remote assistance policies may be provided. In some embodiments, an administrator may request remote control of a managed user device. A managed application launcher may be provided by the user device and may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed. The administrator may open a managed application included in the launcher and remotely control that application. In other embodiments, a user of the managed user device may initiate a request for remote assistance from within a managed application and/or the managed application launcher. The administrator's control of the user device and access to other applications on the user device may be limited based on the remote assistance policies.

Abstract: Conductive patterns and methods of using and printing such conductive patterns are disclosed. In certain examples, the conductive patterns may be produced by disposing a conductive material between supports on a substrate. The supports may be removed to provide conductive patterns having a desired length and/or geometry.

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract: Aspects of a memory and method for accessing the memory are disclosed. The memory includes a plurality of memory cells configured to support a read and write operation in a memory cycle in a first mode and a write only operation in the memory cycle in a second mode. The memory further includes a control circuit configured to generate a read clock for the read operation and a write clock for the write operation. The timing of the write clock is a function of the timing of the read clock in the first mode, and the timing of the memory cycle in the second mode.

Abstract: Methods, systems, computer-readable media, and apparatuses for providing mobile application management (MAM) functionalities are presented. In some embodiments, a mobile device may initialize a partially managed application associated with a first managed user account and an unmanaged user account. The mobile device may execute first managed tasks associated with the first managed user account in accordance with a first set of MAM policies provided by a first MAM service provider. The mobile device may execute unmanaged tasks associated with the unmanaged account independent of the first set of MAM policies. In some embodiments, the mobile device may initialize the multi-account managed application associated with a second managed user account.

Abstract: Various aspects of the disclosure relate to providing a per-application policy-controlled virtual private network (VPN) tunnel. In some embodiments, tickets may be used to provide access to an enterprise resource without separate authentication of the application and, in some instances, can be used in such a manner as to provide a seamless experience to the user when reestablishing a per-application policy controlled VPN tunnel during the lifetime of the ticket. Additional aspects relate to an access gateway providing updated policy information and tickets to a mobile device. Other aspects relate to selectively wiping the tickets from a secure container of the mobile device. Yet further aspects relate to operating applications in multiple modes, such as a managed mode and an unmanaged mode, and providing authentication-related services based on one or more of the above aspects.

Abstract: Improved techniques for managing enterprise applications on mobile devices are described herein. Each enterprise mobile application running on the mobile device has an associated policy through which it interacts with its environment. The policy selectively blocks or allows activities involving the enterprise application in accordance with rules established by the enterprise. Together, the enterprise applications running on the mobile device form a set of managed applications. Managed applications are typically allowed to exchange data with other managed applications, but are blocked from exchanging data with other applications, such as the user's own personal applications. Policies may be defined to manage data sharing, mobile resource management, application specific information, networking and data access solutions, device cloud and transfer, dual mode application software, enterprise app store access, and virtualized application and resources, among other things.

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract: According to some aspects disclosed herein, a system for remote assistance and control of user devices subject to one or more remote assistance policies may be provided. In some embodiments, an administrator may request remote control of a managed user device. A managed application launcher may be provided by the user device and may be modified by the user device to remove managed applications or otherwise prevent access to applications that have a policy indicating that remote assistance is not allowed. The administrator may open a managed application included in the launcher and remotely control that application. In other embodiments, a user of the managed user device may initiate a request for remote assistance from within a managed application and/or the managed application launcher. The administrator's control of the user device and access to other applications on the user device may be limited based on the remote assistance policies.

Abstract: Methods and systems for establishing user sessions between a client and a server or server farm can be carried out by a load balancing agent executing on a computer in communication with the client, server or server farm. The load balancing agent can intercept a connection request generated by an application executing on a client and responsively select a server on which to establish a user session. Selecting the server can be based on overbooking a particular server and choosing a server with a predetermined amount of forecasted load. Forecasted load can be determined by summing the current load on a server with a current load calculated by multiplying: the average load on the user sessions hosted by the server; by the number of cached user sessions stored on the server; and by the probability that a cached user session reconnects.

Abstract: A pseudo-dual-port (PDP) memory such as a PDP SRAM is provided that independently controls the bit line precharging and the sense amplifier precharging to increase memory operating speed while eliminating or reducing the discharge of crowbar current.