Patents Assigned to Mobile Iron, Inc.
  • Patent number: 10320801
    Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: June 11, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
  • Patent number: 10284369
    Abstract: Secure application-to-application communication is disclosed. A shared encryption key may be used to encrypt data to be transferred from a first mobile application to a second mobile application. The encrypted data is provided to a shared storage location. The second mobile application is configured to retrieve the encrypted data from the shared storage location.
    Type: Grant
    Filed: June 30, 2017
    Date of Patent: May 7, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Thomas Edward Wagner, Robert Elliott Whiteman
  • Patent number: 10278069
    Abstract: Techniques to authorize access to a service are disclosed. In various embodiments, a token that includes data comprising or otherwise associated with a device identifier of a device on which an application configured to access a service is installed is provided to the application. A service access authorization request that includes the token is received. The token is used to determine device information associated with the service access authorization request.
    Type: Grant
    Filed: August 4, 2015
    Date of Patent: April 30, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Joshua Glenn Broch, Phillip Charles Krasko
  • Patent number: 10275607
    Abstract: Location, time, and other contextual mobile application policies are disclosed. Access state information associated with a managed set of applications may be determined based at least in part on environmental context data associated with a mobile device and one or more contextual policies associated with the managed set of applications. The access state information may be provided to at least one application included in the managed set of applications, wherein at least one application in the managed set of applications is configured to use the access state information to regulate use of the application in a manner required by the one or more contextual policies.
    Type: Grant
    Filed: July 6, 2017
    Date of Patent: April 30, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Mansu Kim, Joshua Sirota, Suresh Kumar Batchu
  • Patent number: 10277698
    Abstract: Information associated with a remote display server is received at a mobile device from a device management server. A local display node is advertised. A request to connect to the local display node is received from a mobile device component. The component sends the request in response to a command received from the device management server to connect to the local display node. The local display node uses the information associated with the remote display server to advertise the local display node in a manner that associates the local display node with the command received by the component. A connection is established between the local display node and the component in response to the request. The information associated with the remote display server and the connection between the component and the local display node is used to transparently proxy data from the component to the remote display server.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: April 30, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Gregory Christopher Gerard, Joshua Sirota
  • Patent number: 10198585
    Abstract: Techniques to manage mobile devices are disclosed. In various embodiments, a request to perform a management action with respect to a mobile device is received from a mobile device management (MDM) authority. A scope of authority of the MDM authority with respect to the mobile device is determined. The management action is caused to be performed with respect to the mobile device based at least in part on the determined scope of authority of the MDM authority with respect to the mobile device.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: February 5, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Suresh Kumar Batchu, Mansu Kim
  • Patent number: 10193865
    Abstract: Techniques described herein convert mobile traffic between different types of VPN protocols, including IP and Transport. In an embodiment, a security proxy associated with a server receives a packet associated with a client app on a device, the packet including a source identifier and a destination identifier. The security proxy reassigns a tunnel identifier as the source and a node identifier as the destination, then stores a correlation of the tunnel identifier, the source identifier, and the destination identifier. The security proxy forwards the packet to the node inside the security proxy, and determines the destination identifier based on the correlation. The node then forwards the packet to the destination. This allows for multiple devices to use a same source identifier, e.g., same IP address. In some embodiments, a secure connection is established and/or the device and server are mutually authenticated prior to the processing of the packets.
    Type: Grant
    Filed: March 17, 2016
    Date of Patent: January 29, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Alexei Volkov, Pranav Desai, Victor Pavlov
  • Patent number: 10171648
    Abstract: A mobile device management system that monitors the security state of one or more mobile devices and sets indicators related to such security state. Enterprise network applications, such as an email application, can access the security state information when making access control decisions with respect to a given mobile device.
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: January 1, 2019
    Assignee: MOBILE IRON, INC.
    Inventors: Joshua Glenn Broch, Ratnarekha Singamsetty, Jesse Wagner Lindeman, Suresh Kumar Batchu
  • Patent number: 10158531
    Abstract: In various embodiments, a device may include a communications interface configured to receive, from the device management server, an indication to perform an action that requires access to a privileged user space. The device may include a processor configured to use a bridge service to perform the action, where the bridge service runs in a security context that enables the service to operate in the privileged user space. In various embodiments, a server may include a communications interface and a processor. The processor may be configured to receive an indication to perform a management action not within a native device management functionality. The processor may be further configured to invoke a bridge service running on the managed device to perform the action by sending a request via the communications interface, where the bridge service runs in a security context that enables the service to operate in the privileged user space.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: December 18, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Tomas Vetrovsky, Pavel Zeman, Thanhy Mather
  • Patent number: 10116663
    Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.
    Type: Grant
    Filed: April 25, 2018
    Date of Patent: October 30, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
  • Patent number: 10114932
    Abstract: Adapting a mobile or other application (“app”) to a partitioned environment is disclosed. In various embodiments, a “secure zone” or other logical partition is created and enforced at least in part by adapting a mobile or other app to behave in a manner required by and/or otherwise associated with the secure zone or other partition and which behavior is or in various embodiments may be different than a native behavior of the mobile or other app as designed and written by an application developer of the app.
    Type: Grant
    Filed: July 27, 2016
    Date of Patent: October 30, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Eric M. Marion, Nitin Sonawane
  • Patent number: 10091127
    Abstract: Embodiments of the present application relate to a method, apparatus, and system for enrolling a mobile device with an enterprise network. The method includes receiving, from a mobile device, a request to access an enrollment address. In response to receiving the request to access the enrollment address, determining whether the mobile device is pre-enrolled with the enterprise network, and in the event that the mobile device from which the request to access the enrollment address is received corresponds to the mobile device that is pre-enrolled with the enterprise network, pushing user-specific settings to the mobile device.
    Type: Grant
    Filed: November 16, 2017
    Date of Patent: October 2, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Tom Chang, Mansu Kim
  • Patent number: 10079834
    Abstract: Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: September 18, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Ivan Golovenko
  • Patent number: 10070343
    Abstract: Mobile device traffic management is disclosed. Information including a traffic management policy to be applied to data transferred between a mobile device and a node is received from a device management server. The device management server determines the traffic management policy based at least in part on roaming state information received from the mobile device. Data transferred between the mobile device and the node is processed based at least in part on the traffic management policy.
    Type: Grant
    Filed: December 8, 2014
    Date of Patent: September 4, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Mansu Kim, Benjamin Markines, Suresh Kumar Batchu
  • Patent number: 10038598
    Abstract: In various embodiments, a device may include a communications interface configured to receive, from the device management server, an indication to perform an action that requires access to a privileged user space. The device may include a processor configured to use a bridge service to perform the action, where the bridge service runs in a security context that enables the service to operate in the privileged user space. In various embodiments, a server may include a communications interface and a processor. The processor may be configured to receive an indication to perform a management action not within a native device management functionality. The processor may be further configured to invoke a bridge service running on the managed device to perform the action by sending a request via the communications interface, where the bridge service runs in a security context that enables the service to operate in the privileged user space.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: July 31, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Tomas Vetrovsky, Pavel Zeman, Thanhy Mather
  • Patent number: 10025836
    Abstract: Application synchronization techniques are disclosed. An indication is received that a mobile app has performed an operation affecting mobile app data of the mobile app. At least a portion of the mobile app data is stored to a remote storage system based at least in part on the indication. The indication may be received by and the storing operation may be performed at least in part by a management code embedded in mobile app code comprising the mobile app.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: July 17, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Suresh Kumar Batchu, Mansu Kim
  • Patent number: 10021101
    Abstract: Embedding security posture in network traffic is disclosed. Security posture information is received. The security posture information is embedded into a message. The message including the security posture information is sent from a mobile device to a service node. The service node uses the security posture information to validate the mobile device to access a service. The service accesses the service based at least in part on the validation.
    Type: Grant
    Filed: July 28, 2017
    Date of Patent: July 10, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Suresh Kumar Batchu, Mansu Kim
  • Patent number: 10003600
    Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: June 19, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
  • Patent number: 9992068
    Abstract: Rule-based mobile device management delegation is disclosed. A set of rules are applied to attributes associated with a mobile device to assign the mobile device to one of a plurality of management partitions. The mobile device is managed according to a policy associated with the assigned management partition.
    Type: Grant
    Filed: April 24, 2017
    Date of Patent: June 5, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Joshua Glenn Broch, Thomas Edward Wagner, Phillip Charles Krasko, Jesse Wagner Lindeman
  • Patent number: 9961554
    Abstract: Techniques to manage applications, such as mobile apps, across multiple management domains are disclosed. In various embodiments, a set of one or more application management policies to be enforced with respect to a mobile device is received from a management entity to which a scope of authority to manage applications with respect to the mobile device has been delegated. A management agent on the mobile device is used to enforce the one or more application management policies with respect to applications and application data that are within the scope of authority delegated to the management entity.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: May 1, 2018
    Assignee: MOBILE IRON, INC.
    Inventors: Mansu Kim, Suresh Kumar Batchu