Title of invention Secure configuration of mobile application
Abstract Secure configuration of a mobile application (“app”) includes sending the required configuration data for the app to the user's mobile computing device in a communication, for example an email with an attachment. A verification value is included in the attachment to protect the authenticity and integrity of the configuration data. A challenge code is issued to the user (or group of users). The challenge code is used to verify the configuration data.
Publication number US9331995(B2) Publication date 2016.05.03
Application number US201414258903 Filing date 2014.04.22
Applicant SAP SE Inventors Schneider Juergen;El Khoury Paul;Lechner Sami
Classification G06F7/04;H04L29/06;H04W4/00;H04W12/06;G06F21/43;G06F21/57;H04N7/16;G06F9/445;H04W12/02 Main classification G06F7/04
Agency Fountainhead Law Group PC Agent Fountainhead Law Group PC
Main claim 1. A computer-implemented method of configuring an application program of a mobile computing device, the method comprising: establishing a secure network connection between the mobile computing device and a server computer system; authenticating a user of the mobile computing device against the server computer system via the secure network connection; receiving, at the server computer system, a configuration request via the secure network connection from the mobile computing device, the configuration request indicative of a user's request for configuring the application program; and in response to receiving the configuration request: generating a challenge code; sending the challenge code via the secure network connection to the mobile computing device; encrypting configuration data using a symmetric key, wherein the symmetric key is the challenge code or the symmetric key is derived from the challenge code; sending the configuration data in encrypted form via the secured network connection to the mobile computing device; and sending a verification value from the server computer system to the mobile computing device either via an additional communication channel that is different from the secure network connection or as a separate communication over the same secure network connection, wherein the verification value is a hash-based message authentication code (HMAC) produced by applying a secure hash function to a combination of the configuration data with the challenge code, whereby the mobile computing device, in response to receiving the configuration data and the verification value, invokes a configuration program module to: prompt the user to enter a challenge code via a user interface; decrypt the configuration data in encrypted form upon entry of the challenge code via an input component of the mobile computing device; verify the configuration data using the challenge code entered by the user and the verification value received via the additional communication channel; and configure the application program using the configuration data in response to verification of the configuration data.
Address Walldorf DE
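
The verification step of claim 1, as an added example that is not code from the patent or from SAP: the server computes an HMAC over the configuration data keyed with the challenge code, and the device applies the configuration only if the code the user enters reproduces that value. HMAC-SHA256, the 8-digit numeric code, JSON serialization and all function names are assumptions; the encryption step of the claim is left out.

```python
import hashlib
import hmac
import json
import secrets


class VerificationError(Exception):
    """Raised when configuration data fails the HMAC check."""


def generate_challenge_code(digits: int = 8) -> str:
    # Server side: random numeric code, short enough for the user to type.
    return "".join(secrets.choice("0123456789") for _ in range(digits))


def verification_value(config_bytes: bytes, challenge_code: str) -> str:
    # HMAC-SHA256 over the configuration data, keyed with the challenge code.
    key = challenge_code.encode("utf-8")
    return hmac.new(key, config_bytes, hashlib.sha256).hexdigest()


def server_prepare(config: dict) -> tuple[str, bytes, str]:
    # Returns (challenge code, serialized configuration, verification value).
    code = generate_challenge_code()
    config_bytes = json.dumps(config, sort_keys=True).encode("utf-8")
    return code, config_bytes, verification_value(config_bytes, code)


def device_configure(config_bytes: bytes, received_value: str, entered_code: str) -> dict:
    # Device side: verify first, parse and apply only after the check passes.
    expected = verification_value(config_bytes, entered_code)
    if not hmac.compare_digest(expected, received_value):  # constant-time compare
        raise VerificationError("configuration data rejected")
    return json.loads(config_bytes)


# Constructed sample configuration (not from the patent).
SAMPLE_CONFIG = {"server_url": "https://config.example.invalid", "port": 443}

if __name__ == "__main__":
    code, blob, value = server_prepare(SAMPLE_CONFIG)
    print(device_configure(blob, value, code))
```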