Method, a portal system, a portal server, a personalized access policy server, a firewall and computer software products for dynamically granting and denying network resources
First Claim
1. A method to provide a dynamically defined limited Internet access to a user'"'"'s terminal client wherein a portal server, providing a portal web site with portal information identifying the set of accessible resources, the terminal client having access to said portal web site, dynamically deriving a set of granted resources from the portal web site with respect to user'"'"'s grants and with respect to already accessed resources by a personalized access policy server (pAPS), accessing granted resources, only, via a firewall located between the terminal client and the Internet, and configuring the firewall individually, just in time for said user such that only said granted resources are permitted.
9 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to an personalized access policy server (pAPS) C1 deriving dynamically granted resources with respect to user'"'"'s grants and with respect to already accessed resources. It relates to a method for providing dynamically defined limited Internet access to a user'"'"'s terminal client A1, wherein a portal server C2 provides a portal web site with portal information identifying the set of accessible resources, the terminal client A1 has access to said portal web site; from the portal web site a set of granted resources B3 is dynamically derived with respect to user'"'"'s grants and with respect to already accessed resources by the personalized access policy server. Further it relates to a portal system, a portal server C2, a personalized access policy server (pAPS) C1, a firewall B2, and corresponding computer software products.
80 Citations
15 Claims
-
1. A method to provide a dynamically defined limited Internet access to a user'"'"'s terminal client wherein
a portal server, providing a portal web site with portal information identifying the set of accessible resources, the terminal client having access to said portal web site, dynamically deriving a set of granted resources from the portal web site with respect to user'"'"'s grants and with respect to already accessed resources by a personalized access policy server (pAPS), accessing granted resources, only, via a firewall located between the terminal client and the Internet, and configuring the firewall individually, just in time for said user such that only said granted resources are permitted.
-
8. A portal system to provide a dynamically defined limited Internet access to a user'"'"'s terminal client comprising
a portal server providing a portal web site with portal information identifying the set of to be accessible resources, said terminal client having access to said portal web site, a personalized access policy server (pAPS) deriving dynamically granted resources with respect to user'"'"'s grants and with respect to already accessed resources, and a firewall located between the terminal client and the Internet configured individually, just in time for said user such that only said granted resources are permitted.
- 9. A portal server for providing a portal web site with portal information comprising means for identifying the set of to be accessible resources, an interface to a personalized access policy server (pAPS) providing and retrieving granting information, and an interface to an individually and just in time configured firewall providing granted resources.
-
11. A personalized access policy server (pAPS) deriving dynamically granted resources with respect to user'"'"'s grants and with respect to already accessed resources comprising
authentication means for authentication and authorization of a user, accounting means for recognizing already accessed resources, and for deriving a set of dynamically granted resources to said user, and granting means for instructing a firewall with respect to the set of dynamically granted resources.
-
12. A firewall providing a dynamically defined limited Internet access to a user'"'"'s terminal client comprising
configuration means for configuring dynamically a current set of granted resources for a terminal client and/or a user, and granting means for individually, just in time permitting access, only to said set of granted resources for said terminal client and/or said user.
-
13. A computer software product deriving dynamically granted resources with respect to user'"'"'s grants and with respect to already accessed resources implementing an access policy by
authenticating and authorizing a user, recognizing already accessed resources, deriving a set of dynamically granted resources to said user, and instructing a firewall with respect to the set of dynamically granted resources.
-
14. A computer software product providing a portal web site with portal information by identifying the set of to be accessible resources.
-
15. A computer software product providing a dynamically defined limited Internet access to a user'"'"'s terminal client by
configuring dynamically a current set of granted resources for a terminal client and/or a user, and individually, just in time permitting access, only to said set of granted resources for said terminal client and/or said user.
Specification