Abstract: A method includes receiving a notice of a policy violation of an enterprise usage policy by a managed application on a user device wherein the managed application is managed by a mobile application management module on the user device, retrieving the enterprise usage policy from a policy database. The method further includes determining a modification precedence of the active condition and the active restriction, selecting one of the active condition and the active restriction for modification in response to the modification precedence, modifying the selected one of the active condition and the active restriction in response to the notice of the policy violation to provide a modified enterprise usage policy, and transmitting the modified enterprise usage policy to the user device.

Abstract: For each of a plurality of wrapper logic components, a metric is determined from content of reports received from user electronic devices that characterizes performance of the wrapper logic component when executed by the user electronic devices to monitor a feature of an application during execution of the application by the user electronic devices. A set of the wrapper logic components is selected that excludes from the set any of the wrapper logic components having performance characterized by the metrics that does not satisfy a first defined rule. The set of wrapper logic components and the application are combined to form a modified application with the wrapper logic components of the set configured to monitor features of the modified application when executed by user electronic devices.

Abstract: Executable code of an application package is decompiled to provide a decompiled application package. Features of the application package are identified based on content of the decompiled application package. A set of wrapper logic components are selected from among a library of wrapper logic components based on the features of the application package. The decompiled application package is disassembled to provide disassembled code. Wrapper program hooks are inserted into the disassembled code to provide modified disassembled code. The modified disassembled code is assembled to provide modified assembled code. The wrapper logic components of the set are combined with the modified assembled code to form a wrapped application package including executable code from the modified assembled code and executable code from the wrapper logic components of the set that intercept calls by the executable code from the modified assembled code.

Abstract: A method includes performing operations on a processor of an application analysis computer. The operations include receiving reports from user terminals containing identifiers for operational states of an application being processed by the user terminals and containing state performance metrics. Each of the state performance metrics indicates a measurement of performance for a corresponding identified one of the operational states of the application being processed by one of the user terminals. The operations further include, for each of the operational states of the application identified in the reports, generating a rule for acceptable performance of the operational state of the application based on the state performance metrics of the operational state reported by the user terminals. The operations further include storing in a repository the rules associated with identifiers for corresponding ones of the operational states of the application. Related operations by a user terminal are disclosed.

Abstract: An OS API mapping computer operates to identify a set of OS APIs of a first OS version not present in a second OS version. OS APIs of the second OS version are identified that satisfy a defined rule for compatibility with the set of OS APIs of the first OS version not present in the second OS version. An OS APIs replacement list is generated that maps individual ones of the set of OS APIs of the first OS version, to corresponding ones of the OS APIs of the second OS version that satisfy the defined rule. A set is identified of OS APIs of an application that are in the OS APIs replacement list among the set of OS APIs of the first OS version. A plugin is generated based on the OS APIs of the second OS version mapped to the set of application OS APIs.

Abstract: A method includes performing operations on a processor of an application analysis computer. The operations include receiving state performance metrics reported by user terminals via a data network. Each of the state performance metrics indicating a measurement of performance of one of a plurality of operational states of an application processed by one of the user terminals. The operations further include determining when one of the state performance metrics reported by one of the user terminals violates a rule for acceptable operational state performance of the application, and communicating a response message to the one of the user terminals responsive to the determination that the one of the state performance metrics violates the rule. Related operations by a user terminal are disclosed.

Abstract: An OS API mapping computer operates to identify a set of OS APIs of a first OS version not present in a second OS version. OS APIs of the second OS version are identified that satisfy a defined rule for compatibility with the set of OS APIs of the first OS version not present in the second OS version. An OS APIs replacement list is generated that maps individual ones of the set of OS APIs of the first OS version, to corresponding ones of the OS APIs of the second OS version that satisfy the defined rule. A set is identified of OS APIs of an application that are in the OS APIs replacement list among the set of OS APIs of the first OS version. A plugin is generated based on the OS APIs of the second OS version mapped to the set of application OS APIs.

Abstract: Systems and methods for generating secure passwords, personal identification numbers (PINs), and other user credentials using touch-aware devices are described. In some cases, an end user of a computing device may use a touch-sensitive interface (e.g., a touchscreen) to indirectly enter user credentials for accessing protected information or a protected computing resource using the computing device. The end user may indirectly enter the user credentials by entering information that is different from the actual user credentials. In one example, the touch-sensitive interface may display a plurality of numbers and paths connecting the plurality of numbers and the end user of the computing device may select a sequence of numbers of the plurality of numbers using a touch gesture. The computing device may generate a user credential different from the sequence of numbers using the sequence of numbers selected by the end user.

Abstract: A method includes performing operations on a processor of an application analysis computer. The operations include receiving state performance metrics reported by user terminals via a data network. Each of the state performance metrics indicating a measurement of performance of one of a plurality of operational states of an application processed by one of the user terminals. The operations further include determining when one of the state performance metrics reported by one of the user terminals violates a rule for acceptable operational state performance of the application, and communicating a response message to the one of the user terminals responsive to the determination that the one of the state performance metrics violates the rule. Related operations by a user terminal are disclosed.

Abstract: A method includes performing operations on a processor of an application analysis computer. The operations include receiving reports from user terminals containing identifiers for operational states of an application being processed by the user terminals and containing state performance metrics. Each of the state performance metrics indicates a measurement of performance for a corresponding identified one of the operational states of the application being processed by one of the user terminals. The operations further include, for each of the operational states of the application identified in the reports, generating a rule for acceptable performance of the operational state of the application based on the state performance metrics of the operational state reported by the user terminals. The operations further include storing in a repository the rules associated with identifiers for corresponding ones of the operational states of the application. Related operations by a user terminal are disclosed.

Abstract: Systems and methods for generating secure passwords, personal identification numbers (PINs), and other user credentials using touch-aware devices are described. In some cases, an end user of a computing device may use a touch-sensitive interface (e.g., a touchscreen) to indirectly enter user credentials for accessing protected information or a protected computing resource using the computing device. The end user may indirectly enter the user credentials by entering information that is different from the actual user credentials. In one example, the touch-sensitive interface may display a plurality of numbers and paths connecting the plurality of numbers and the end user of the computing device may select a sequence of numbers of the plurality of numbers using a touch gesture. The computing device may generate a user credential different from the sequence of numbers using the sequence of numbers selected by the end user.

Abstract: A method includes performing operations as follows on a processor; providing an event anomaly rule that defines a condition for requiring authorization for processing the event, receiving an event notification for a user from a first data processing system, receiving an availability notification from a mobile device associated with the user, and sending the event notification to the mobile device associated with the user when the event satisfies the condition of the event anomaly rule at a time based on the availability notification.

Abstract: A method includes receiving a notice of a policy violation of an enterprise usage policy by a managed application on a user device wherein the managed application is managed by a mobile application management module on the user device, retrieving the enterprise usage policy from a policy database. The method further includes determining a modification precedence of the active condition and the active restriction, selecting one of the active condition and the active restriction for modification in response to the modification precedence, modifying the selected one of the active condition and the active restriction in response to the notice of the policy violation to provide a modified enterprise usage policy, and transmitting the modified enterprise usage policy to the user device.

Abstract: For each of a plurality of wrapper logic components, a metric is determined from content of reports received from user electronic devices that characterizes performance of the wrapper logic component when executed by the user electronic devices to monitor a feature of an application during execution of the application by the user electronic devices. A set of the wrapper logic components is selected that excludes from the set any of the wrapper logic components having performance characterized by the metrics that does not satisfy a first defined rule. The set of wrapper logic components and the application are combined to form a modified application with the wrapper logic components of the set configured to monitor features of the modified application when executed by user electronic devices.

Abstract: Executable code of an application package is decompiled to provide a decompiled application package. Features of the application package are identified based on content of the decompiled application package. A set of wrapper logic components are selected from among a library of wrapper logic components based on the features of the application package. The decompiled application package is disassembled to provide disassembled code. Wrapper program hooks are inserted into the disassembled code to provide modified disassembled code. The modified disassembled code is assembled to provide modified assembled code. The wrapper logic components of the set are combined with the modified assembled code to form a wrapped application package including executable code from the modified assembled code and executable code from the wrapper logic components of the set that intercept calls by the executable code from the modified assembled code.