Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by using a validation certificate to validate against a root certificate embedded in a configuration profile installed on the device. The configuration profile is configured to be non-removable, so it cannot be remove or updated, except by another configuration profile signed by the same authority.

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by using a validation certificate to validate against a root certificate embedded in a configuration profile installed on the device. The configuration profile is configured to be non-removable, so it cannot be remove or updated, except by another configuration profile signed by the same authority.

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.