Patents Assigned to Mobile Iron, Inc.
-
Patent number: 10079834Abstract: Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.Type: GrantFiled: January 26, 2016Date of Patent: September 18, 2018Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Ivan Golovenko
-
Patent number: 10070343Abstract: Mobile device traffic management is disclosed. Information including a traffic management policy to be applied to data transferred between a mobile device and a node is received from a device management server. The device management server determines the traffic management policy based at least in part on roaming state information received from the mobile device. Data transferred between the mobile device and the node is processed based at least in part on the traffic management policy.Type: GrantFiled: December 8, 2014Date of Patent: September 4, 2018Assignee: MOBILE IRON, INC.Inventors: Mansu Kim, Benjamin Markines, Suresh Kumar Batchu
-
Patent number: 10038598Abstract: In various embodiments, a device may include a communications interface configured to receive, from the device management server, an indication to perform an action that requires access to a privileged user space. The device may include a processor configured to use a bridge service to perform the action, where the bridge service runs in a security context that enables the service to operate in the privileged user space. In various embodiments, a server may include a communications interface and a processor. The processor may be configured to receive an indication to perform a management action not within a native device management functionality. The processor may be further configured to invoke a bridge service running on the managed device to perform the action by sending a request via the communications interface, where the bridge service runs in a security context that enables the service to operate in the privileged user space.Type: GrantFiled: May 24, 2017Date of Patent: July 31, 2018Assignee: MOBILE IRON, INC.Inventors: Tomas Vetrovsky, Pavel Zeman, Thanhy Mather
-
Patent number: 10025836Abstract: Application synchronization techniques are disclosed. An indication is received that a mobile app has performed an operation affecting mobile app data of the mobile app. At least a portion of the mobile app data is stored to a remote storage system based at least in part on the indication. The indication may be received by and the storing operation may be performed at least in part by a management code embedded in mobile app code comprising the mobile app.Type: GrantFiled: December 12, 2014Date of Patent: July 17, 2018Assignee: MOBILE IRON, INC.Inventors: Suresh Kumar Batchu, Mansu Kim
-
Patent number: 10021101Abstract: Embedding security posture in network traffic is disclosed. Security posture information is received. The security posture information is embedded into a message. The message including the security posture information is sent from a mobile device to a service node. The service node uses the security posture information to validate the mobile device to access a service. The service accesses the service based at least in part on the validation.Type: GrantFiled: July 28, 2017Date of Patent: July 10, 2018Assignee: MOBILE IRON, INC.Inventors: Suresh Kumar Batchu, Mansu Kim
-
Patent number: 10003600Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.Type: GrantFiled: January 26, 2016Date of Patent: June 19, 2018Assignee: MOBILE IRON, INC.Inventors: Kumara Das Karunakaran, Vijay Pawar, Jian Liu
-
Patent number: 9992068Abstract: Rule-based mobile device management delegation is disclosed. A set of rules are applied to attributes associated with a mobile device to assign the mobile device to one of a plurality of management partitions. The mobile device is managed according to a policy associated with the assigned management partition.Type: GrantFiled: April 24, 2017Date of Patent: June 5, 2018Assignee: MOBILE IRON, INC.Inventors: Joshua Glenn Broch, Thomas Edward Wagner, Phillip Charles Krasko, Jesse Wagner Lindeman
-
Patent number: 9961554Abstract: Techniques to manage applications, such as mobile apps, across multiple management domains are disclosed. In various embodiments, a set of one or more application management policies to be enforced with respect to a mobile device is received from a management entity to which a scope of authority to manage applications with respect to the mobile device has been delegated. A management agent on the mobile device is used to enforce the one or more application management policies with respect to applications and application data that are within the scope of authority delegated to the management entity.Type: GrantFiled: April 28, 2017Date of Patent: May 1, 2018Assignee: MOBILE IRON, INC.Inventors: Mansu Kim, Suresh Kumar Batchu
-
Patent number: 9923873Abstract: Techniques to provide syndicated device and application management are disclosed. In various embodiments, a request associated with accessing a third party service is received, for example, at a device management server or other management system. A third party service configuration data is used to configure the managed device to access the third party service directly from the third party service.Type: GrantFiled: June 12, 2017Date of Patent: March 20, 2018Assignee: MOBILE IRON, INC.Inventors: Mansu Kim, Suresh Kumar Batchu
-
Patent number: 9917698Abstract: One embodiment of the present disclosure provides a method that includes accessing, by a mobile device management system, a profile for a mobile device. The method also includes negotiating, by the mobile device management system, with a certificate authority to obtain a certificate for the mobile device. The negotiating with the certificate authority includes imitating the mobile device based on the profile. The negotiating with the certificate authority also includes, based at least on the imitation, transmitting one or more certificate enrollment messages to the certificate authority. The negotiating with the certificate authority further includes, based on the one or more messages, receiving, at the mobile device management system, the certificate for the mobile device. The method further includes transmitting the certificate to a control agent hosted on the mobile device for installation.Type: GrantFiled: February 18, 2016Date of Patent: March 13, 2018Assignee: MOBILE IRON, INC.Inventor: Joshua Glenn Broch
-
Patent number: 9866382Abstract: Secure application-to-application communication is disclosed. A shared encryption key may be used to encrypt data to be transferred from a first mobile application to a second mobile application. The encrypted data is provided to a shared storage location. The second mobile application is configured to retrieve the encrypted data from the shared storage location.Type: GrantFiled: March 3, 2014Date of Patent: January 9, 2018Assignee: MOBILE IRON, INC.Inventors: Thomas Edward Wagner, Robert Elliott Whiteman
-
Patent number: 9860187Abstract: Embodiments of the present application relate to a method, apparatus, and system for enrolling a mobile device with an enterprise network. The method includes receiving, from a mobile device, a request to access an enrollment address. In response to receiving the request to access the enrollment address, determining whether the mobile device is pre-enrolled with the enterprise network, and in the event that the mobile device from which the request to access the enrollment address is received corresponds to the mobile device that is pre-enrolled with the enterprise network, pushing user-specific settings to the mobile device.Type: GrantFiled: February 27, 2015Date of Patent: January 2, 2018Assignee: MOBILE IRON, INC.Inventors: Tom Chang, Mansu Kim
-
Patent number: 9854443Abstract: A mobile device traffic splicer is disclosed. In various embodiments, a network communication associated with a destination is received from a mobile device. A stored routing data associated with the mobile device is used to determine, based at least in part on the destination, to redirect the network communication to a proxy associated with the destination. The network communication is sent to the proxy associated with the destination. In various embodiments, one or both of metering network traffic by destination and/or domain and filtering network communications and/or portions thereof based on the destination and/or domain may be performed.Type: GrantFiled: March 31, 2015Date of Patent: December 26, 2017Assignee: MOBILE IRON, INC.Inventors: Suresh Kumar Batchu, Mansu Kim
-
Patent number: 9847882Abstract: Multiple factor authentication in an identity certificate service is disclosed. A certificate including a cryptographically-obscured identifier associated with the end entity is sent from an end entity to a service node. The service node uses both the certificate and the identifier to authenticate the end entity at least in part by comparing the identifier to a reference identifier. A service associated with the service node is accessed based at least in part on the authentication.Type: GrantFiled: March 24, 2017Date of Patent: December 19, 2017Assignee: MOBILE IRON, INC.Inventor: Mansu Kim
-
Patent number: 9848001Abstract: Securing access to one or more applications in an enterprise zone (e.g., a set of protected applications) is disclosed. A last activity time associated with a use of at least one mobile application in the protected subset may be retrieved from a shared storage location associated with a protected subset of two or more protected mobile applications. It may be determined that the last activity time is within a session expiration time period associated with the protected subset. Access to one or more applications in the protected subset may be allowed without credential verification based at least in part on the determination.Type: GrantFiled: October 30, 2015Date of Patent: December 19, 2017Assignee: MOBILE IRON, INC.Inventors: Mansu Kim, Joshua Sirota, Suresh Kumar Batchu
-
Patent number: 9830468Abstract: A user interface for a virtual file management system that provides user access to managed content on mobile devices. The system comprises storage domains storing the managed content distributively using file systems, and a data infrastructure that organizes the managed content into a virtual file system. The data infrastructure includes a component that maintains policies defining controls for permissible operations on the managed content, the permissible operations including the file system primitives. A client application including a user interface is hosted on the mobile devices and is coupled to the data infrastructure and the storage domains and includes an enforcement component that retrieves and enforces the policies by applying the controls on the mobile devices.Type: GrantFiled: July 23, 2015Date of Patent: November 28, 2017Assignee: MOBILE IRON, INC.Inventors: John Drewry, Rahul Sharma, Gary Cribb, Pronob Ashwin
-
Patent number: 9794975Abstract: Peer-to-peer management of mobile devices is disclosed. In various embodiments, a message is received at a first mobile device indicating that a device management permission with respect to a second mobile device that is a peer of the first mobile device has been granted to a user associated with the first mobile device. The first mobile device is configured to be used to perform with respect to the second mobile device a device management action associated with the device management permission.Type: GrantFiled: August 13, 2015Date of Patent: October 17, 2017Assignee: MOBILE IRON, INC.Inventors: Venkata Narayana Porala, Madhu Vemuri
-
Patent number: 9794351Abstract: Distributed mobile device management including a plurality of management agents is disclosed. Management-related information may be retrieved from a storage location accessible to a plurality of management agents. The management-related information may have been provided to the storage location from a management agent associated with a managed application. And at least one operation may be performed based at least in part on the management-related information.Type: GrantFiled: April 17, 2015Date of Patent: October 17, 2017Assignee: MOBILE IRON, INC.Inventors: Mansu Kim, Suresh Kumar Batchu, Joshua Sirota
-
Patent number: 9762444Abstract: Detecting a mobile device management (MDM) profile from a management agent is disclosed. A third party management agent is used to perform a test operation to determine an occurrence of an indirect indication of a presence of a configuration profile. The occurrence of the indirect indication is based at least in part on the presence of indirect indication-associated data in the configuration profile. It is determined, based at least in part on the occurrence of the indirect indication, that the configuration profile is implemented by a platform management agent.Type: GrantFiled: December 8, 2014Date of Patent: September 12, 2017Assignee: MOBILE IRON, INC.Inventor: Mansu Kim
-
Patent number: 9756047Abstract: Embedding security posture in network traffic is disclosed. Security posture information is received. The security posture information is embedded into a message. The message including the security posture information is sent from a mobile device to a service node. The service node uses the security posture information to validate the mobile device to access a service. The service accesses the service based at least in part on the validation.Type: GrantFiled: October 17, 2014Date of Patent: September 5, 2017Assignee: MOBILE IRON, INC.Inventors: Suresh Kumar Batchu, Mansu Kim