Resource based dynamic security authorization
First Claim
Patent Images
1. A computer-implemented method for managing access to a resource by sandboxed code included on a client, the method comprising:
- establishing a service connection between the resource and the client;
comparing evidence of the sandboxed code against a resource based policy associated with the resource; and
providing the sandboxed code access to the resource when the evidence is determined as sufficient according to the resource based policy.
2 Assignments
0 Petitions
Accused Products
Abstract
Access to a resource by sandboxed code is dynamically authorized by a client security system based on a resource based policy. A sandboxed application running on a client is granted access to a resource based on a resource based policy despite denial of the access based on a static policy associated with the client security system. The granting of access coincides with the determination that the threat to a user or the user'"'"'s information is not increased should the access be granted.
-
Citations
20 Claims
-
1. A computer-implemented method for managing access to a resource by sandboxed code included on a client, the method comprising:
-
establishing a service connection between the resource and the client;
comparing evidence of the sandboxed code against a resource based policy associated with the resource; and
providing the sandboxed code access to the resource when the evidence is determined as sufficient according to the resource based policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
a sandboxed application that is included on a client;
a resource, wherein the resource is unaccessible to the sandboxed application according to a static policy;
a resource based policy, wherein the resource based policy is associated with resource;
a client security system that is configured to evaluate evidence of the authenticity of the sandboxed application, wherein the client security system grants the sandboxed code access to the resource when the evidence is sufficient according to the resource based policy. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-readable medium having stored thereon computer-executable instructions for dynamically managing access to a resource by sandboxed code included on a client, the computer-executable instructions comprising:
-
establishing a service connection between the resource and the client, wherein the service connection is separate from an unrestricted connection;
comparing evidence of the sandboxed code against a resource based policy associated with the resource; and
dynamically providing the sandboxed code access to the resource when the evidence is determined as sufficient according to the resource based policy, wherein the evidence is determined as sufficient when granting the sandboxed code access to the resource does not increase a threat level to a user.
-
Specification