Browse Prior Art Database

Method and apparatus for mobile application hosting Disclosure Number: IPCOM000218330D
Publication Date: 2012-Jun-03
Document File: 4 page(s) / 84K

Publishing Venue

The Prior Art Database


Isolated, secured and controlled enterprise workspace (container) for enterprise mobile applications. The enterprise workspace is accessible from within the native device workspace with the right security credentails, separating the enterprise applications, data and access to the enterprise backend services from the private workspace, applications and data.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 49% of the total text.

Page 01 of 4

Problem solved by the invention

    The number of enterprise mobile employees keeps growing; these employees must be able to use their mobile device, anywhere and anytime for critical tasks, to improve their productivity, and efficiency.

Therefore extending enterprise applications to mobile devices is increasingly becoming a priority for organizations optimizing their work force.

The major concerns of enterprises when examining enterprise mobility adoption are: security and control. Due to the nature of mobile devices they often get lost, stolen or left with no supervision, when dealing with enterprise sensitive applications and

data it imply significant operational risk to enterprises.

The aforementioned had led enterprises to the conclusion that they must be proactive about protecting and controlling their sensitive data and applications resides on mobile devices.

Solutions known to this problem, and their drawbacks

    Existing solutions to prevent unauthorized access to mobile devices and electronic equipment in general, include the requirement for password authentication at start-up, or after a certain period of inactivity, or after explicit lock-up by the authorized user. The common solution would either treat the device as a single

workspace, protected by device native security mechanisms or protection of each single application by username password mechanism. The issue with protection is that it leads compromising the mobile device usability. The user is either subject to unacceptable enterprise security policies whenever trying to access the device when the whole workspace is treated as one, or subject to repeatedly requirements for credentials when accessing the various applications, each one with its own security policy.

Tough requirements for authentication are not acceptable by users, who expect to

keep using their private applications and data on the mobile devices the way they used to.

Core idea of the invention

    The core idea of the invention is to allow isolation between the private and the enterprise workspaces, through hosting the enterprise applications in an enterprise container that isolates the enterprise artifacts from the private artifacts. The isolation is performed on several dimensions: memory, file system, execution and accessibility.


    Isolating the enterprise workspace from the private workspace. Providing the enterprises remote control of the enterprise mobile workspace, and only the enterprise mobile workspace, (no control of the private workspace),

Background - Managing on-Device Applications require Special Consideration for Native and Hybrid Apps

* Native apps are installed and updated from a "native" app store -In consumer scenarios, likely from the OS vendor app store -Governed and identified by the specific mobile operating system -Require active user participation to install and update

•Cannot push new applications and updates administratively (license and technology issues)