Abstract: A method for managing application containers, comprising: assigning a first application to a master container in a memory of a system; assigning a second application to a slave container in the memory; using a processor, assigning the master and slave containers to a container group by: delegating access to container meta-data of the slave container by a container run-time of the slave container or by the first application to a container meta-data accessor of the master container via a class loader of the master container; and, delegating interaction between the container run-time of the slave container and a container management channel of the slave container to a container management channel of the master container via the class loader of the master container; and, accessing the first and second applications via the container group.

Abstract: A method for managing a master password on a network device, the method stored as a set of instructions executable by a computer processor to: store the master password in a first file in a memory of the network device; store the master password in a second file in the memory of the network device; encrypt access to the first file using a first password; encrypt access to the second file using a second password; send the second password and an identifier associated with the network device over a communications network to a registration server, the registration server configured for storing the second password for subsequent retrieval by the network device; when the first password is unavailable, send a password retrieval request including the identifier; receive the second password configured as a one-time use password; decrypt access to the second file to retrieve the master password; and, initiate a reset process for subsequent storage of the master password in the memory of the network device.

Abstract: A method of on-device access using a container application to manage a sub application provisioned on a computer device by set of stored instructions executed by a computer processor to implement the steps of: receive a communication for the sub application by a first service programming interface (SPI) of the container application, the communication sent by a on-device process over a first communication pathway of a device infrastructure of the computer device utilizing interprocess communication (IPC) framework of the device infrastructure, the first communication pathway provided external to the first SPI; retransmit the communication by the first SPI to a second SPI of the sub application over a second communication pathway that bypasses the IPC framework, the second communication pathway internal to the first SPI; receiving a response to the communication by the first SPU from the second SPI over the second communication pathway; and directing the response to the on-device process over the first communic

Abstract: A system and method for confirming an application change event associated with a device infrastructure of a mobile device, the method comprising the steps of: storing an application authorization list identifying a plurality of mobile applications, the application authorization list being remote from the mobile device over a communications network; receiving an application authorization request from the mobile device over the communications network, the application authorization request including application identification information; comparing the application identification information with one or more listed mobile applications of the plurality of mobile applications identified in the application authorization list; determining whether the application information matches any of the plurality of mobile applications to produce a decision instruction containing an authorization decision; and sending the decision instruction to the mobile device for subsequent processing of the decision instruction by a mobile

Abstract: A multi-environment computer device configured for providing a work environment type and a personal environment type via a user interface for a device user, each of the environments having the same persona, the device having: a computer processor coupled to a memory, wherein the computer processor is programmed to coordinate interaction between the device user and the pair of environments presented on the user interface by: configuring the user interface to present the personal environment for facilitating interaction between the device user and personal applications associated with the personal environment, the personal environment having an assigned user name of said persona and a personal password, the personal environment presented using a set of unique personal environment user interface design elements for distinguishing the personal environment from the work environment via the user interface; and responding to a switch environment command generated by a switch mechanism invoked by the device user via

Abstract: A server configured for managing server access by a first client application of a device over a communications network. The server receives a status message from the first client application over the communications network, the first client application managed by the server, the message including at least one compliance characteristic associated with a security policy of the server and an unique identification of the device. The server can access the security policy and compare the at least one compliance characteristic with a corresponding policy of the security policy to determine a current state of the device as contrary to the corresponding policy and in response generate a compromised status indicator for the device.