Hi All, In mobile operating systems, what we can do to do $subject is blocking applications by accessing device network.
I have been working on the $subject and was able to do a 2 way implementation using following approaches. 1. Creating a local VPN and blocking apps from using device mobile data and WIFI connections. 2. Using IPTables to create firewall rules (this requires ROOT access and not recommendable in off the shelf devices. (Creating IPTable records require "su" command via android shell). >From above 2 approaches, if we take EMM theories in to consideration, we will have to drop option 2 because it compromises access. So we are left with option 1. While discussing, we thought that enabling "Kiosk mode" [1] should also be a proper solution to address this use case. We can simply enable Kiosk mode by using our android agent app (since it has device administrator privileges). But in a usual device (BYOD) this requires user intervention (user needs to grant access). In COPE mode(where the devices are provided by the organization and they can vendor sign our agent app so that it can become a privileged system app), we can simply enable Kiosk mode (Screen pinning) by making our agent app the "device owner"[2]. Therefore I suggest tat we should re-think on $subject and try to make use of above discussed approach. WDYT? [1] - http://www.sureshjoshi.com/mobile/android-kiosk-mode-without-root/ [2] - https://support.google.com/work/android/answer/6294687?hl=en Thanks -- Kasun Dananjaya Delgolla Software Engineer WSO2 Inc.; http://wso2.com lean.enterprise.middleware Tel: +94 11 214 5345 Fax: +94 11 2145300 Mob: + 94 771 771 015 Blog: http://kddcodingparadise.blogspot.com Linkedin: *http://lk.linkedin.com/in/kasundananjaya <http://lk.linkedin.com/in/kasundananjaya>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
