The use of mobile computing devices continues to grow. In particular, business and other enterprises have come to rely on mobile computing devices to allow individuals to remotely access various computing resources. Such resources may include, for example, electronic mail services, file services, data, and other electronic resources provided by the computer systems of an enterprise or the mobile device itself.
Whether an individual is located locally or remotely relative to computing resources, an enterprise may seek to protect and control access to those resources. Accordingly, an enterprise may implement various technological mechanisms (e.g., gateways and firewalls) as well as access control mechanisms (e.g., user authentication and authorization) in order to ensure an individual can only access the resources that individual is authorized and entitled to access. Such mechanisms may also prevent unauthorized individuals from accessing any of the computing resources.
With respect to mobile devices, an enterprise may employ various approaches to control remote access to computing resources from those mobile devices. This endeavor may be referred to as mobile device management. In one approach, an enterprise may provide an individual with a company-owned and company-controlled mobile device. Such a device may be configured such that the enterprise has control over the configuration, functionality, operation, and data of the mobile device. In this regard, the company-controlled mobile device may be referred to as a managed device. The enterprise may remotely control the managed device via, e.g., a client-server architecture. An enterprise server may remotely issue commands to a client application residing at the managed device. Such commands may include, e.g., installing new applications or functionality, updating existing applications or functionality, updating configuration settings, providing data, and so forth. If the managed device is lost or stolen, the enterprise may issue commands to lock or wipe the device in order to prevent an unauthorized individual from gaining access to the device or from gaining access to the resources via the device.
Individuals, however, may find it inconvenient to maintain both a company-owned mobile device as well as a personal mobile device. Instead, individuals may prefer to access the resources from their personal mobile devices. This practice may be referred to as BYOD, bring-your-own-device. Because these personal devices may not be company-controlled, such personal devices may be referred to as unmanaged devices. To accommodate this preference, solutions to allow unmanaged devices to access these resources are currently in development.
For example, providing a company-controlled mobile application, a managed mobile application, that is configured to operate at an unmanaged device is one approach currently in development. However, challenges remain. For managed mobile applications operating on an unmanaged device to be a viable approach, mechanisms to prevent unauthorized access to or use of resources via the managed mobile application may be needed. In particular, there exists a need to validate the identity of a managed mobile application to ensure the managed mobile application has been altered to circumvent the security mechanisms that protect the resources. In addition, there exists a need to control the operation of the managed mobile application at the unmanaged mobile device.