DESC:FORM 2

THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENT RULES, 2003

COMPLETE SPECIFICATION
(See Section 10 and Rule 13)

Title of invention:
ENTERPRISE APPLICATION ACCESS CONTROL

Applicant:
BitWise Solutions Private Limited
A company Incorporated in India under the Companies Act, 1956
Having Address:
BitWise World,
Off International Convention Centre,
Senapati Bapat Road, Pune – 411016, Maharashtra, India

The following specification particularly describes the invention and the manner in which it is to be performed.
CROSS-REFERENCE TO RELATED APPLICATIONS AND PRIORITY
[001] The present application claim priority from India provisional patent application (201621025855) titled “ENTERPRISE APPLICATION ACCESS CONTROL” dated July 28, 2016.
TECHNICAL FIELD
[002] The present subject matter described herein, in general, relates to a field of data security, and more particularly a system and a method for providing selective access to an enterprise application.
BACKGROUND
[003] Computers, software and Internet have become critical tools in today's information based society. In particular, the accomplishment of the Internet can be largely credited to the propagation of online services. Online services play an indispensable role in people's daily lives, enabling open and free access to activities such as email, search, social networking, business, buying, shopping etc. The popularity of the services and the open access model has, in turn, attracted attackers to leverage these resources as major attack venues. Within the last few years, millions of malicious accounts and their nefarious activities including spam, phishing, social scam, and malware propagation have become a pervasive problem throughout the Internet. From the point of view of an organization, free and open access to organization data may result in data theft, and industrial espionage. Industrial espionage may be understood as covert and illegal practice of investigating competitors to gain a business advantage. The target of investigation might be a trade secret such as a proprietary product specification or formula, or information about business plans. Typically, such information makes the difference between success and failure, if a trade secret is stolen, the competitive playing field is leveled or even tipped in favor of a competitor. Thus, in view of the above problems, organizations always prevent access to any organizations/employees data from outside the organization’s premises. In such condition, the conventional systems also restrict access other information that may not be critical to an organization, which may enable efficient and hassle free working environment within the organization.

SUMMARY
[004] Before the present system(s) and methods for providing selective access to an enterprise application, are described, it is to be understood that this application is not limited to the particular system(s), and methodologies described, as there can be multiple possible embodiments which are not expressly illustrated in the present disclosures. It is also to be understood that the terminology used in the description is for the purpose of describing the particular implementations or versions or embodiments only, and is not intended to limit the scope of the present application. This summary is provided to introduce aspects related to a system and a method for providing selective access to an enterprise application. This summary is not intended to identify essential features of the claimed subject matter nor is it intended for use in determining or limiting the scope of the claimed subject matter.
[005] In one implementation, a system for providing selective access to an enterprise application is disclosed. The system comprises a memory and a processor coupled to the memory, further the processor is configured to execute programmed instructions stored in the memory. In one aspect, the processor may execute programmed instructions stored in the memory for receiving device data from a set of devices. In one example, the device data may be associated with each device from the set of devices. The device data may comprise a device identification code and a network parameter. Further, the processor may execute programmed instructions stored in the memory for identifying one or more devices, from the set of devices, based on comparison of the device identification code and a registered device identification code stored at a database. In one embodiment, the one or more devices may be registered with an organization platform. Furthermore, the processor may execute programmed instructions stored in the memory for identifying a network type, utilized by the one or more devices to connect with the organization platform, using the network parameter. The processor may further execute programmed instructions stored in the memory for receiving an access credentials from the one or more devices. Further, the processor may execute programmed instructions stored in the memory for validating the access credentials, associated with the one or more devices, based on comparison of the access credentials and a primary access credentials stored at the database. Furthermore, the processor may execute programmed instructions stored in the memory for providing selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform.
[006] In another implementation, a method for providing selective access to an enterprise application is disclosed. The method may comprise receiving device data from a set of devices. In one example, the device data may be associated with each device, from the set of devices. The device data may comprise a device identification code and a network parameter. Further, the method may comprise identifying one or more devices, from the set of devices, based on comparison the device data and historic data stored at a database. In one embodiment, the one or more devices may be registered with an organization platform. Furthermore, the method may comprise identifying a network type, utilized by the one or more devices to connect with the organization platform, using the network parameter. The method may further comprise receiving an access credentials from the one or more devices. Further, the method may comprise validating the access credentials, associated with the one or more devices, based on comparison of the access credentials and a primary access credentials stored at the database. Furthermore, the method may comprise providing selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform.
[007] In yet another implementation, computer program product having embodied computer program for providing selective access to an enterprise application is disclosed. The program may comprise a program code for receiving device data from a set of devices. In one example, the device data may be associated with each device, from the set of devices. The device data may comprise a device identification code and a network parameter. Further, the program may comprise a program code for identifying one or more devices, from the set of devices, based on comparison of the device identification code and a registered device identification code stored at a database. In one embodiment, the one or more devices may be registered with an organization platform. Furthermore, the program may comprise a program code for identifying a network type, utilized by the one or more devices to connect with the organization platform, using the network parameter. The program may further comprise a program code for receiving an access credentials from the one or more devices. Further, the program may comprise a program code for validating the access credentials, associated with the one or more devices, based on comparison of the access credentials and a primary access credentials stored at the database. Furthermore, the program may comprise a program code for providing selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform.
BRIEF DESCRIPTION OF THE DRAWINGS
[008] The foregoing detailed description of embodiments is better understood when read in conjunction with the appended drawings. For the purpose of illustrating of the present subject matter, an example of construction of the present subject matter is provided as figures; however, the invention is not limited to the specific method and system for providing selective access to an enterprise application disclosed in the document and the figures.
[009] The present subject matter is described in detail with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the drawings to refer various features of the present subject matter.
[0010] Figure 1 illustrates a network implementation of a system for providing selective access to an enterprise application, in accordance with an embodiment of the present subject matter.
[0011] Figure 2 illustrates the system for providing selective access to an enterprise application, in accordance with an embodiment of the present subject matter.
[0012] Figure 3 illustrates a method for providing selective access to an enterprise application, in accordance with an embodiment of the present subject matter.
DETAILED DESCRIPTION
[0013] Some embodiments of this disclosure, illustrating all its features, will now be discussed in detail. The words "receiving," "identifying," "validating," and "providing," and other forms thereof, are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items. It must also be noted that as used herein and in the appended claims, the singular forms "a," "an," and "the" include plural references unless the context clearly dictates otherwise. Although any system and methods for providing selective access to an enterprise application similar or equivalent to those described herein can be used in the practice or testing of embodiments of the present disclosure, the exemplary, system and methods are now described. The disclosed embodiments for providing selective access to the enterprise application are merely examples of the disclosure, which may be embodied in various forms.
[0014] Various modifications to the embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. However, one of ordinary skill in the art will readily recognize that the present disclosure for providing selective access to an enterprise application is not intended to be limited to the embodiments described, but is to be accorded the widest scope consistent with the principles and features described herein.
[0015] In an implementation, a system and method for providing selective access to an enterprise application, is described. In the implementation, device data may be received from a set of devices. In one example, the device data may be associated with each device, from the set of devices. The device data may comprise a device identification code, a network parameter and the like. Upon receiving the device data, one or more devices, from the set of devices, may be identified based on comparison of the device identification code and a registered device identification code stored at a database. Further to identification of the one or more devices, a network type utilized by the one or more devices may be identified. In one aspect, the network type may be identified using the network type. Subsequent to the identification of the network type, an access credentials may be received from the one or more devices. Further, the access credentials, associated with the one or more devices, may be validated based on comparison of the access credentials and a primary access credentials stored at the database. Furthermore, selective access may be provided to the one or more devices for the enterprise application based on the network type and the validation of the access credentials. In one example, the enterprise application may be deployed over the organization platform. Further, the network implementation of system for providing selective access to an enterprise application is illustrated with Figure 1.
[0016] Referring now to Figure 1, a network implementation of a system 102 for providing selective access to an enterprise application, in accordance with an embodiment of the present subject matter may be described. In one embodiment, the present subject matter is explained considering that the system 102 may be implemented as within a server 112 and connected to one or more networks 106, 108. It may be understood that the system 102 may also be implemented in a variety of computing systems, such as a laptop computer, a desktop computer, a notebook, a workstation, a mainframe computer, a server, a network server, a cloud-based computing environment and the like. Further, the system 102 also as a standalone system acting as an intermediary between the server 112, hereinafter referred to as an organization platform 112, comprising the enterprise application and devices 104-1, 104-2, 104-3….104-N.
[0017] Furthermore, the system 102 may be connected to a database 110. The database 110 may be a relational database, a real-time database, a cloud database, a distributed database and the like. In one example, the database 110 may store primary data associated the devices 104-1, 104-2, … 104-N registered with the organization platform. The primary data may comprise a registered device identification code, a primary access credentials and the like.
[0018] In another embodiment, the system 102 may also be implemented on client devices, hereinafter referred to as a device 104. It may be understood that the system 102 implemented supports a plurality of browsers and all viewports. Examples of the plurality of browsers may include, but not limited to, Chrome™, Mozilla™, Internet Explorer™, Safari™, and Opera™. It will also be understood that the system 102 may be accessed by multiple users through the devices 104-1, 104-2 … and 104-N, collectively referred to as the device 104 hereinafter, or applications residing on the device 104. Examples of the device 104 may include, but are not limited to, a portable computer, a mobile phone, a tablet device, a personal digital assistant, a handheld device, and a workstation. The device 104 are communicatively coupled to the system 102 through one or more networks 108, 106.
[0019] In one implementation, the network 108, 106 may be a wireless network, a wired network or a combination thereof. The network 106 can be implemented as one of the different types of networks, such as intranet, local area network (LAN), wide area network (WAN), the internet, telecom networks like GSM, 3G, 4G, LTE and the like. The network 106 may either be a dedicated network or a shared network. The shared network represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), UDP, and other Application layer protocols built on top of it, Wireless Application Protocol (WAP), and the like, to communicate with one another. Further the network 106 may include a variety of network devices, including routers, bridges, servers, computing devices, storage devices, and the like. In one example, the network 106 may be general network 106, and the network 108 may be a private network 108 within an organization.
[0020] In one implementation, a system 102 for providing selective access to an enterprise application, deployed over the organization platform, is disclosed. In one aspect, the system 102 may receive device data, associated with each device, from a set of devices. The device data may comprise a device identification code, a network parameter and the like. In one example, the set of devices may comprise a device registered with the organization platform 112 and a device not registered with the organization platform 112. Upon receiving the device data, the system 102 may identify one or more devices, from the set of devices, based on comparison of the device identification code and the registered device identification code stored at the database 110. Further, the system 102 may identify a network type utilized by the one or more devices to connect with the organization platform 112. The network type may be identified using the network parameter. In one embodiment, the network type may be one of the general network 106 and the private network 108.
[0021] Once the network type is identified, the system 102 may receive an access credentials from the one or more devices. In one example, the access credentials may be login ID, password, and the like. Upon receiving the access credentials, the system 102 may validate the access credentials, associated with the one or more devices, based on comparison of the access credentials and the primary access credentials stored at the database 110. Further, the system 102 may provide selective access to the one or more devices, for the enterprise application, based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform 112. In one example, the access may be one of a private access, a public access, and a vendor access. Further, the system 102 for providing selective access to an enterprise application is illustrated.
[0022] Referring now to Figure 2, the system 102 for providing selective access to an enterprise application is illustrated in accordance with an embodiment of the present subject matter. In one embodiment, the system 102 may include at least one processor 202, an input/output (I/O) interface 204, and a memory 206. The at least one processor 202 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. Among other capabilities, at least one processor 202 may be configured to fetch and execute computer-readable instructions stored in the memory 206.
[0023] The I/O interface 204 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, and the like. The I/O interface 204 may allow the system 102 to interact with the user directly or through the device 104. Further, the I/O interface 204 may enable the system 102 to communicate with other computing devices, such as web servers and external data servers (not shown). The I/O interface 204 can facilitate multiple communications within a wide variety of networks and protocol types, including wired networks, for example, LAN, cable, etc., and wireless networks, such as WLAN, cellular, or satellite. The I/O interface 204 may include one or more ports for connecting a number of devices to one another or to another server.
[0024] The memory 206 may include any computer-readable medium or computer program product known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. The memory 206 may include modules 208 and data 210.
[0025] The modules 208 include routines, programs, objects, components, data structures, etc., which perform particular tasks or implement particular abstract data types. In one implementation, the modules 208 may include a receiving module 212, an identification module 214, a validation module 216, an access module 218, and other modules 220. The other modules 220 may include programs or coded instructions that supplement applications and functions of the system 102. The modules 208 described herein may be implemented as software modules that may be executed in the cloud-based computing environment of the system 102.
[0026] The memory 206, amongst other things, serves as a repository for storing data processed, received, and generated by one or more of the modules 208. The memory 206 may include data generated as a result of the execution of one or more modules in the other modules 220. In one implementation, the memory may include data 210. Further, the data 210 may include a system data 222 for storing data processed, received, and generated by one or more of the modules 208. Furthermore, the data 210 may include other data 224 for storing data generated as a result of the execution of one or more modules in the other modules 220.
[0027] In one implementation, a user may use the device 104 to access the system 102 via the I/O interface 204. The user may register using the I/O interface 204. In one aspect, the user may access the I/O interface 204 of the system 102 for obtaining information or enabling input information. In one implementation the system 102 may automatically provide information to the user through I/O interface 204.
RECEIVING MODULE 212
[0028] In one implementation, the receiving module 212 may receive device data associated with each device, from a set of devices. In one example, the set of devices may comprise a device registered with the organization platform 112, and a device not registered with the organization platform 112. In one embodiment, the device data may comprise a device identification code, a network parameter and the like. In one example, the device identification code may be unique for each device. In one example, the network parameters may comprise an Internet Protocol address (IP address), a Media Access Control address (MAC address) and the like. Once the device data is received, the receiving module 212 may store the device data at the system data 222.
IDENTIFICATION MODULE 214
[0029] Upon receiving the device data, the identification module 214 may identify one or more devices, from the set of devices, registered with the organization platform 112. In one embodiment, the one or more devices may be identified based on comparison of the device identification code and the registered device identification code stored at the database 110. In one example, the one or more devices may be the devices 104-1, 104-2, 104-3, … 104-N. In one embodiment, the identification module 214 may send message to one or more unregistered devices, from the set of devices. The message may indicate that the unregistered devices are not registered with the organization platform 112.
[0030] In one exemplary embodiment, considering a set of 15 devices such as device-1, device-2, device-3, … device-15. The receiving module 212 may receive the device data, associated with each device, from the set of 15 devices. In one example, the device data may comprise a device identification code, and a network parameter. Further, the identification module 214 may identify 5 devices such as device-2, device-4, device-6, device-11, and device-13, from the set of 15 devices. The 5 devices may be identified based on comparison of the device identification code and the registered device identification code stored at the database 110. In one example, the identification module 214 may send message to the remaining 10 devices. In one more example, the message may indicate that the remaining 10 devices may not be registered with the organization platform 112.
[0031] Once the one or more devices are identified, the identification module 214 may further identify a network type utilized by the one or more devices to connect with the organization platform 112. In one embodiment, the identification module 214 may analyze the network parameter associated with the one or more devices, to identify the network type. In one example, the network type may be one of the general network 106 or the private network 108. The private network 108 may correspond to the network, available within an organization. The general network 106 may correspond to the network other than the network available within the organization. In one example, the general network 106 may be referred as a public network.
[0032] In one exemplary embodiment, considering the user using a mobile device. The mobile device may be registered with the organization platform 112. In the embodiment, the user may connect the mobile device to the organization platform 112 via network available within the organization. In this case, the mobile device may be using the private network 108. In another embodiment, the user may connect the mobile device to the organization platform 112 via other Wi-Fi. In this case, the mobile device may be connected using the general network.
VALIDATION MODULE 216
[0033] Further to identification, the validation module 216 may receive an access credentials from the one or more devices. In one example, the access credentials may correspond to login ID, password, and the like. In one more example, the access credentials associated with each device may be unique. In one example, the access provided to each device may vary based on the access credentials.
[0034] Once the access credentials are received, the validation module 216 may validate the access credentials, associated with the one or more devices. In one aspect, the access credentials may be validated based on comparison of the access credentials and the primary access credentials stored at the database. In one example, the validation module 216 may send a notification to a device, from the one or more devices, when the access credentials are invalid. The notification may indicate an unauthorized access from the device.
[0035] In one embodiment, the validation module 216 may generate a primary access token, in real time, associated with the one or more devices. In one aspect, the validation module 216 may transmit the primary access token to the one or more devices. Upon transmission of the primary access token, the validation module 216 may receive a secondary access token from the one or more devices. Further, the validation module 216 may validate the access credentials based on comparison of the primary access credential and the secondary access credentials. In one more example, the access token may correspond to One Time Password (OTP), Captcha code and the like. In one aspect, the access token may be valid for a particular time interval.
ACCESS MODULE 218
[0036] Upon validation of the access credentials, the access module 218 may provide selective access to the one or more devices for the enterprise application based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform 112. In one example, the enterprise application may be a leave management app, a meeting management app, a recruitment management app, and the like. In another example, the enterprise application may correspond to one or more applications useful to an employee, a vendor associated with the organization, and the like. In one embodiment, the access, provided to the one or more devices, may be one of a private access, a public access, and a vendor access. In one example, the access module 218 may provide different access to each device based on the access credentials.
[0037] In one aspect, the access module 218 may provide the private access to the one or more devices, when the device is connected to the organization platform 112 via the private network 108. In one example, the private access may be a secured access. In one more example, private access may correspond to full access provided to the one or more devices for the enterprise application.
[0038] In another aspect, the access module 218 may provide one of the public access or the vendor access to the one or more devices, when the device is connected to the organization platform 112 via the general network 106. In one example, the public access and the vendor access may correspond to partial access provided to the one or more devices for the enterprise application. In one example, the access module 218 may provide one of the public access and the vendor access to the one or more devices based on the access credentials.
[0039] In one aspect, the access provided to the one or more devices may vary between the private access and the public access based on the network type. In one example, the access module 218 may provide the private access to a device, when the device is connected to the organization platform 112 via the private network 108. Further, the access module 218 may provide the public access to the device, when the device is connected to the organization platform 112 via the general network 106.
[0040] In one exemplary embodiment, consider Jack a Human Resource head (HR head) in an organization. In one example, Jack may use a Device-A to access an enterprise application. In one example, the enterprise application may be a leave management app. In one more example, the Device-A may be connected to the organization platform 112 via network within the organization. In an embodiment, the access module 218 may provide full access to the Device-A for the leave management app. In the embodiment, Jack may be able to add leave, approve leave, and check leave of other employees in the organization. In another example, the device-A may be connected to the organization platform 112 via internet of the Device-A. In an embodiment, the access module 218 may provide partial access to the Device-A for the leave management app. In the embodiment, Jack may be able to add leave. In this case, Jack may not be able to approve leave and check leave of other employees in the organization.
[0041] In another exemplary embodiment, consider Shiva a vendor associated with the organization. In one example, Shiva may use a Device-B to access an enterprise application. In another example, the Device-B may be connected to the organization platform 112 via the general network. In this case, Shiva may be able to access the enterprise application such as a customer order app, a customer rating app and the like.
[0042] Exemplary embodiments discussed above may provide certain advantages. Though not required to practice aspects of the disclosure, these advantages may include those provided by the following features.
[0043] Some embodiments of the system and the method enable data security.
[0044] Some embodiments of the system and the method enable location based access.
[0045] Some embodiments of the system and the method increase employee and organization efficiency.
[0046] Referring now to Figure 3, a method 300 for providing selective access to an enterprise application is shown, in accordance with an embodiment of the present subject matter. The method 300 may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, functions, etc., that perform particular functions or implement particular abstract data types.
[0047] The order in which the method 300 is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method 300 or alternate methods for enabling selective access to enterprises applications. Additionally, individual blocks may be deleted from the method 300 without departing from the spirit and scope of the subject matter described herein. Furthermore, the method 300 for providing selective access to an enterprise application can be implemented in any suitable hardware, software, firmware, or combination thereof. However, for ease of explanation, in the embodiments described below, the method 300 may be considered to be implemented in the above described system 102.
[0048] At block 302, device data may be received from a set of devices. In one implementation, the receiving module 212 may receive device data from a set of devices. In one example, the set of devices may comprise device registered with the organization platform 112, and device not registered with the organization platform 112. In one embodiment, the device data may comprise a device identification code, a network parameter and the like.
[0049] At block 304, one or more devices, from the set of devices, registered with the organization platform 112, may be identified. In one implementation, the identification module 214 may identify the one or more devices, from the set of devices. In one example, the one or more devices may be registered with the organization platform 112. In one embodiment, the one or more devices may be identified based on comparison of the device identification code and a registered device identification code at the database 110.
[0050] At block 306, a network type utilized by the one or more devices, to connect with the organization platform 112, may be identified. In one implementation, the identification module 214 may identify the network type utilized by the one or more devices to connect with the organization platform 112. In one embodiment, the network type may be identified based on the network parameter associated with the one or more devices. In one example, the network type may be one of the general network 106 or the private network 108.
[0051] At block 308, an access credentials may be received from the one or more devices. In one implementation, the validation module 216 may receive an access credentials from the one or more devices. Once the access credentials are received, the access credentials, associated with the one or more devices, may be validated, based on comparison of the access credentials and a primary access credentials stored at the database 110.
[0052] At block 310, selective access may be provided to the one or more devices for the enterprise application based on the network type and the validation of the access credentials. In one implementation, the access module 218 may provide selective access to the one or more devices for the enterprise application based on the network type and the validation of the access credentials. In one embodiment, the enterprise application may be deployed over the organization platform 112. In one embodiment, the access, provided to the one or more devices, may be one of an access a private access, a public access, and a vendor access.
[0053] Exemplary embodiments discussed above may provide certain advantages. Though not required to practice aspects of the disclosure, these advantages may include for providing selective access to an enterprise application. Although implementations for methods and system for providing selective access to the enterprise application have been described in language specific to structural features and/or methods, it is to be understood that the appended claims are not necessarily limited to the specific features or methods described. Rather, the specific features and methods are disclosed as examples of implementations for providing selective access to the enterprise application.
,CLAIMS:1. A method for providing selective access to an enterprise application, the method comprises steps of:
receiving, by a processor, device data from a set of devices, wherein the device data comprises a device identification code and a network parameter;
identifying, by the processor, one or more devices from the set of devices based on comparison of the device identification code and a registered device identification code stored at a database, wherein the one or more devices are registered with an organization platform;
identifying, by the processor, a network type utilized by the one or more devices to connect with the organization platform using the network parameter;
receiving, by the processor, an access credentials from the one or more devices;
validating, by the processor, the access credentials associated with the one or more devices based on comparison of the access credentials with a primary access credentials stored at the database; and
providing, by the processor, selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials, wherein the enterprise application is deployed over the organization platform.

2. The method of claim 1, wherein the validation of the access credentials further comprises:
generating a primary access token in real time associated with the one or more devices;
transmitting the primary access token to the one or more devices;
receiving a secondary access token from the one or more devices; and
validating the access credentials associated with the one or more devices based on comparison of the primary access token and the secondary access token.

3. The method of claim 1, wherein the access provided to the one or more devices corresponds to one of a private access, a public access and a vendor access.

4. The method of claim 1, wherein the network type is one of a private network and a general network.

5. A system for providing selective access to an enterprise application, the system comprising:
a memory;
a processor coupled with the memory, wherein the processor is configured to execute programmed instructions stored in the memory to:
receive device data associated from a set of devices, wherein the device data comprises a device identification code and a network parameter;
identify one or more devices from the set of devices based on comparison of the device identification code and a registered device identification code stored at a database, wherein the one or more devices are registered with an organization platform;
identify a network type utilized by the one or more devices to connect with the organization platform using the network parameter;
receive an access credentials from the one or more devices;
validate the access credentials associated with the one or more devices based on comparison of the access credentials and a primary access credentials stored at the database; and
provide selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials, wherein the enterprise application is deployed over the organization platform.

6. The system of claim 5, wherein the validation of the access credentials further comprises:
generating a primary access token in real time associated with the one or more devices;
transmitting the primary access token to the one or more devices;
receiving a secondary access token from the one or more devices; and
validating the access credentials associated with the one or more devices based on comparison of the primary access token and the secondary access token.

7. The system of claim 5, wherein the access provided to the one or more devices corresponds to one of a private access, a public access and a vendor access.

8. The system of claim 5, wherein the network type is one of a private network, and a general network.

9. A computer program product having embodied thereon a computer program for providing a selective access to an enterprise application, the computer program product comprises:
a program code for receiving device data from a set of devices, wherein the device data comprises a device identification code and a network parameter;
a program code for identifying one or more devices from the set of devices based on comparison of the device identification code and a registered device identification code stored at a database, wherein the one or more devices are registered with an organization platform;
a program code for identifying a network type utilized by the one or more devices to connect with the organization platform using the network parameters;
a program code for receiving an access credentials from the one or more devices;
a program code for validating the access credentials associated with the one or more devices based on comparison of the access credentials and a primary access credentials stored at the database; and
a program code for providing selective access to the one or more devices for an enterprise application based on the network type and the validation of the access credentials, wherein the enterprise application is deployed over the organization platform.