Browse Prior Art Database

Easy First Activation in an Enterprise Environment

IP.com Disclosure Number: IPCOM000248623D
Publication Date: 2016-Dec-21

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 14% of the total text.

Easy First Activation in an Enterprise Environment

Contents 1 Introduction ................................................................................................................. 1

1.1 Overview .............................................................................................................. 1 1.2 General Requirements .......................................................................................... 1 1.3 Security Considerations ........................................................................................ 2

2 High Level Design ...................................................................................................... 2 2.1 Outline .................................................................................................................. 2 2.2 Enrollment Server Certificates ............................................................................. 3 2.3 Enrollment Access Codes..................................................................................... 3 2.4 SMS Integration ................................................................................................... 5 2.5 Enrollment Server Configuration ......................................................................... 5 2.6 Enrollment Flow Without an Enrollment Access Code ....................................... 6 2.7 Enrollment Flow With an Enrollment Access Code ............................................ 8 2.8 Client-side UX...................................................................................................... 9 2.9 Temporary Unlock ............................................................................................. 12

3 Potential Future Enhancements ................................................................................. 12 4 Alternate Designs ...................................................................................................... 12 5 References .................................................................. Error! Bookmark not defined.

1 Introduction 1.1 Overview This design covers a mechanism to make activation of the first app on a device easier by allowing the user to authenticate the activation using Enterprise domain credentials, rather than an activation access key.

1.2 General Requirements Some way to activate the first Secure Mobile Application Platform app on a device without the user having to enter an access key manually or, at least, without having to enter a code that can only be received via the user's own Enterprise email account.

1.3 Security Considerations a. Preventing an attacker from impersonating a legitimate Control Server for the

purpose of capturing domain credentials. b. Preventing an attacker from locking out various Enterprise users' domain credentials

by sending dummy activation requests.

2 High Level Design 2.1 Outline The following outline summarizes the major elements of this design. Note that, for the purposes of this desig...