A SYSTEM AND METHOD FOR EXECUTING INTERACTIVE APPLICATIONS WITH MINIMAL PRIVILEGES

US 20060015740A1
Filed: 07/02/2004
Published: 01/19/2006
Est. Priority Date: 07/02/2004
Status: Active Grant

First Claim

Patent Images

1. A method for providing secure access to applications, the method comprising the steps of:

receiving a request from a user to execute an application;

determining a minimal set of computing privileges necessary for the user to use the requested application; and

invoking an execution environment for the user having the determined set of privileges.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism for running interactive applications with a minimal set of privileges is disclosed. The privileges form a subset of the privileges afforded to the user requesting the application and are allocated consistent with the principle of least privilege. The application runs with the minimal amount of permissions necessary to accomplish its assigned tasks. A new user account is created and provisioned or identified for each application to which a user requests access. The accounts have a subset or superset of the access rights and operating system privileges that the user who is logged on to the system and requesting access to the application ordinarily enjoys. The subset/superset of the user'"'"'s privileges is determined by a policy-based decision system. The policy-based decision system makes its determination based on an analysis of the application requirements, an analysis of the data security and privacy concerns associated with the execution of the application, the identity of the user and user'"'"'s role and any other policy considerations previously specified by an administrator. Once the determination as to the appropriate set of privileges to be afforded in the execution environment has been made, the execution environment is created and provisioned or a pre-existing execution environment possessing the requisite privileges is identified and the remote user is logged into the server-side account. The application-specific accounts may be audited by audit trail tools that provide evidence of policy enforcement.

71 Citations

View as Search Results

29 Claims

1. A method for providing secure access to applications, the method comprising the steps of:
- receiving a request from a user to execute an application;
  
  determining a minimal set of computing privileges necessary for the user to use the requested application; and
  
  invoking an execution environment for the user having the determined set of privileges.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, comprising the further step of:
    - returning an identifier for the execution environment to the requesting user.
  - 3. The method of claim 2, wherein the identifier is used to using the identifier and a remote presentation level protocol to connect the user to the execution environment.
  - 4. The method of claim 1 wherein step (a) comprises receiving an HTTP-based request from a user to execute an application.
  - 5. The method of claim 1 wherein step (b) comprises accessing a policy-based decision system to determine a minimal set of computing privileges necessary for the user to use the requested application.
  - 6. The method of claim 1 wherein step (b) comprises analyzing requirements of an application to determine a minimal set of privileges necessary for the user to use the requested application.
  - 7. The method of claim 1 further comprising the step of receiving an indication of a dataset on which the application operates.
  - 8. The method of claim 5 wherein step (b) comprises accessing a confidentiality policy associated with the identified dataset to determine a minimal set of computing privileges necessary for the user to use the requested application.
  - 9. The method of claim 1 wherein step (b) further comprises determining a minimal set of computing privileges necessary for the user to use the requested application based, at least in part, on a role assigned to the user.
  - 10. The method of claim 1 wherein step (c) further comprises creating an execution environment for the user having the determined set of privileges.
  - 11. The method of claim 1 wherein step (c) further comprises identifying a previously-existing execution environment for the user having the determined set of privileges.
  - 12. The method of claim 1 further comprising the step of receiving from the user a request to execute a second application.
  - 13. The method of claim 10 further comprising the steps of:
    - determining a minimal set of computing privileges necessary for the user to use the second requested application; and
      
      invoking a second execution environment for the user having the second determined set of privileges.
  - 14. The method of claim 1 further comprising the steps of initiating a connection with a client system associated with the user.

15. An application server system providing secure access to hosted applications, the system comprising:
- a policy based decision system receiving a request from a user to execute an application and determining a minimal set of privileges required by the user to execute the application; and
  
  an account administration service in communication with said policy based decision system, the account administration service invoking an execution environment for the user having the determined set of privileges.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The system of claim 15 further comprising a connection manager in communication with said policy based decision system, said connection manager receiving from a client system a request by the user to execute the application and transmitting to said policy based decision system an identification of said user and an identification of said application.
  - 17. The system of claim 16 wherein said connection manager communicates with the client using a presentation-level protocol.
  - 18. The system of claim 17 wherein said presentation-level protocol is selected from the group consisting of RDP, ICA, and X.
  - 19. The system of claim 15 wherein said connection manager transmits an identification of the user'"'"'s role to said policy based decision system.
  - 20. The system of claim 15 wherein said policy-based decision system is based on a declared plurality of rules.
  - 21. The system of claim 15 wherein said policy-based decision system analyzes a set of requirements of the requested application to determine a minimal set of privileges required by the user to execute the requested application.
  - 22. The system of claim 15 wherein said connection manager receives an identification of a dataset that the application will process.
  - 23. The system of claim 18 wherein said policy based decision system accesses a confidentiality policy associate with the identified dataset to determine a minimal set of privileges required by the user to execute the application.
  - 24. The system of claim 15 wherein said account administration service creates an execution environment having the determined minimal set of privileges.
  - 25. The system of claim 15 wherein said account administration service identifies a previously-existing execution environment having the determined minimal set of privileges.

26. An article of manufacture having embodied thereon computer-readable program means for providing secure access to applications, the article of manufacture comprising:
- computer-readable program means for receiving a request from a user to execute an application;
  
  computer-readable program means for determining a minimal set of computing privileges necessary for the user to use the requested application; and
  
  computer-readable program means for invoking an execution environment for the user having the determined set of privileges.

27. The article of manufacture of claim 27 further comprising computer-readable program means for accessing a policy-based decision system to determine a minimal set of computing privileges necessary for the user to use the requested application.
- View Dependent Claims (28)
- - 28. The article of manufacture of claim 27 further comprising computer-readable program means for determining a minimal set of computing privileges necessary for the user to use the requested application based, at least in part, on a role assigned to the user.

29. An application server system providing secure access to hosted applications, the system comprising:
- a policy based decision system receiving a request from a user to execute an application and determining a minimal set of privileges required by the user to execute the application;
  
  an account administration service in communication with said policy based decision system, the account administration service invoking an execution environment for the user having the determined set of privileges; and
  
  a connection manager in communication with said policy based decision system, said connection manager receiving from a client system an RDP request by the user to execute the application and transmitting to said policy based decision system an identification of said user and an identification of said application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
KRAMER, Andre

Granted Patent

US 7,587,755 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/52 during program execution, e...

A SYSTEM AND METHOD FOR EXECUTING INTERACTIVE APPLICATIONS WITH MINIMAL PRIVILEGES

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

71 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

A SYSTEM AND METHOD FOR EXECUTING INTERACTIVE APPLICATIONS WITH MINIMAL PRIVILEGES

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links