主权项 |
1. A method for maintaining an isolated workspace environment of enterprise applications on a mobile device, the method comprising:
receiving enterprise applications for installation on the mobile device, wherein functionality has been inserted into binary executables of the enterprise applications to force the enterprise applications to communicate with an application management agent installed on the mobile device in order to obtain a security policy governing a user's ability to access the enterprise applications, the security policy including a validity time period value related to keeping the isolated workspace valid; providing by the application management agent, cryptographic keys to the enterprise applications to share encrypted messages relating to the isolated workspace that are stored on the mobile device; upon launch of one of the enterprise applications, encrypting, by the launched enterprise application, a workspace expiration time value using one of the cryptographic keys provided by the application management agent and storing, by the launched enterprise application, the encrypted workspace expiration time value as an encrypted message on the mobile device, wherein the workspace expiration time value is a function of the validity time period value and reflects a period of time in which the isolated workspace remains valid; extending the workspace expiration time value by the launched enterprise application if the user continues to use the launched enterprise application or, by at least one other enterprise application, if the other enterprise application is launched by the user before an expiration of the expiration time value; and requesting, by the application management agent, authentication credentials from the user to continue using enterprise applications in the isolated workspace if the workspace expiration time value expires due to a lack of activity by the user of any of the enterprise applications. |