A SYSTEM AND METHOD FOR EXECUTING INTERACTIVE APPLICATIONS WITH MINIMAL PRIVILEGES
Abstract
A mechanism for running interactive applications with a minimal set of privileges is disclosed. The privileges form a subset of the privileges afforded to the user requesting the application and are allocated consistent with the principle of least privilege. The application runs with the minimal amount of permissions necessary to accomplish its assigned tasks. A new user account is created and provisioned or identified for each application to which a user requests access. The accounts have a subset or superset of the access rights and operating system privileges that the user who is logged on to the system and requesting access to the application ordinarily enjoys. The subset/superset of the user's privileges is determined by a policy-based decision system. The policy-based decision system makes its determination based on an analysis of the application requirements, an analysis of the data security and privacy concerns associated with the execution of the application, the identity of the user and user's role and any other policy considerations previously specified by an administrator. Once the determination as to the appropriate set of privileges to be afforded in the execution environment has been made, the execution environment is created and provisioned or a pre-existing execution environment possessing the requisite privileges is identified and the remote user is logged into the server-side account. The application-specific accounts may be audited by audit trail tools that provide evidence of policy enforcement.
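The flow the abstract describes, as an added illustration that is not part of the patent and not any vendor's implementation: a toy policy-based decision system derives the minimal privilege set (the subset case only) from the application's requirements, the user's own rights and an administrator deny-list keyed on data classification; an account administration service then creates or reuses a per-application account for that exact set and records each decision as an audit trail. All privilege labels, users, applications and the deny policy are constructed.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

Privs = FrozenSet[str]

@dataclass(frozen=True)
class User:
    name: str
    privileges: Privs  # rights the logged-on user ordinarily holds

@dataclass(frozen=True)
class Application:
    name: str
    required: Privs            # privileges the application needs to run
    data_classification: str   # constructed label, e.g. "confidential"

# Constructed administrator policy: privileges never granted to an
# application-specific account when the application handles this data class.
ADMIN_DENY_BY_CLASS: Dict[str, Privs] = {
    "confidential": frozenset({"network_egress", "clipboard"}),
}

def decide_privileges(user: User, app: Application) -> Privs:
    """Policy-based decision (subset case): what the application needs,
    capped by what the user already holds, minus what policy forbids."""
    denied = ADMIN_DENY_BY_CLASS.get(app.data_classification, frozenset())
    return (app.required & user.privileges) - denied

class AccountAdministrationService:
    """Creates or reuses a per-application account keyed on the decided
    privilege set and records every decision for the audit trail."""
    def __init__(self) -> None:
        self.accounts: Dict[Tuple[str, str, Privs], str] = {}
        self.audit: List[Tuple[str, str, str, Privs, str]] = []

    def invoke(self, user: User, app: Application) -> Tuple[str, Privs]:
        privs = decide_privileges(user, app)
        key = (user.name, app.name, privs)
        action = "reused"
        if key not in self.accounts:  # no existing environment with these rights
            self.accounts[key] = f"{user.name}__{app.name}__{len(self.accounts)}"
            action = "created"
        account = self.accounts[key]
        self.audit.append((user.name, app.name, account, privs, action))
        return account, privs
```

A second request for the same user and application with an unchanged policy lands on the existing account, which is what the audit trail should show as "reused" rather than a fresh provisioning.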
29 Claims
1. A method for providing secure access to applications, the method comprising the steps of:
receiving a request from a user to execute an application;
determining a minimal set of computing privileges necessary for the user to use the requested application; and
invoking an execution environment for the user having the determined set of privileges.
(Dependent claims 2-14 not reproduced here.)

15. An application server system providing secure access to hosted applications, the system comprising:
a policy based decision system receiving a request from a user to execute an application and determining a minimal set of privileges required by the user to execute the application; and
an account administration service in communication with said policy based decision system, the account administration service invoking an execution environment for the user having the determined set of privileges.
(Dependent claims 16-25 not reproduced here.)

26. An article of manufacture having embodied thereon computer-readable program means for providing secure access to applications, the article of manufacture comprising:
computer-readable program means for receiving a request from a user to execute an application;
computer-readable program means for determining a minimal set of computing privileges necessary for the user to use the requested application; and
computer-readable program means for invoking an execution environment for the user having the determined set of privileges.

27. The article of manufacture of claim 27 further comprising computer-readable program means for accessing a policy-based decision system to determine a minimal set of computing privileges necessary for the user to use the requested application.

29. An application server system providing secure access to hosted applications, the system comprising:
a policy based decision system receiving a request from a user to execute an application and determining a minimal set of privileges required by the user to execute the application;
an account administration service in communication with said policy based decision system, the account administration service invoking an execution environment for the user having the determined set of privileges; and
a connection manager in communication with said policy based decision system, said connection manager receiving from a client system an RDP request by the user to execute the application and transmitting to said policy based decision system an identification of said user and an identification of said application.
Specification