Resource Restriction Systems and Methods
First Claim
Patent Images
1. A method, comprising:
- defining launch restrictions for a user;
receiving an execution call to an operating system for an application launch;
intercepting the execution call above a user level;
determining above the user level if the launch restrictions for the user restrict the application launch; and
canceling the execution call if the launch restrictions for the user restrict the application launch.
2 Assignments
0 Petitions
Accused Products
Abstract
Resource restrictions are associated with a user identifier. A resource restriction agent receives operating system calls related for resources and provides resource request data to a resource agent. The resource agent determines whether the resource is restricted based on the resource request data and resource restriction data and generates access data based on the determination. The resource restriction agent grants or denies the system call based on the access data.
-
Citations
27 Claims
-
1. A method, comprising:
-
defining launch restrictions for a user; receiving an execution call to an operating system for an application launch; intercepting the execution call above a user level; determining above the user level if the launch restrictions for the user restrict the application launch; and canceling the execution call if the launch restrictions for the user restrict the application launch. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system, comprising:
-
a data store associating launch restrictions with a user identifier; a launch restriction extension configured to intercept execution calls to a kernel for an application launch and determine resource request data associated with the execution call, and further configured to provide the resource request data to a user agent and receive launch data in response, and grant or deny the execution call based on the launch data; and a user agent configured to execute above a user level and access the data store and determine whether an application launch is restricted based on the resource request data provided by the launch restriction agent and generate the launch data based on the determination. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system, comprising:
-
a data store associating resource restrictions with a user identifier; a resource restriction service configured to receive system calls related to resources and directed to an operating system, determine resource request data associated with the system call, and further configured to provide the resource request data to a resource agent and receive access data in response, and grant or deny the system call based on the access data; and a resource agent configured to execute above a user level and access the data store and determine whether the resource is restricted based on the resource request data provided by the resource restriction agent and generate the access data based on the determination. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. A system, comprising:
-
a data store associating resource restrictions with user identifiers; a resource restriction service configured to receive system calls related to resources and directed to an operating system, provide resource request data to a resource agent and receive access data in response, and grant or deny the system call based on the access data; and a resource agent configured to execute above a user level and in response to the resource request data, determine a user identifier associated with an active user and determine whether the user identifier has associated resource restrictions, and upon determining that the user identifier has associated resource restrictions, determine whether the resource is restricted based on the resource request data provided by the resource restriction agent and generate the access data based on the determination. - View Dependent Claims (23, 24, 25, 26, 27)
-
Specification