System, Method, Apparatus, and Computer Program Product for Facilitating Digital Communications
Abstract
A computer-implemented method and apparatus prevent unsecured access to a computer over a network by a client running on a remote computer. In one aspect of the present invention, a client policy is stored on the remote computer. The client policy includes a configuration of the remote computer that reduces the likelihood of a security breach of the computer as a result of the remote computer accessing the computer. A request is received from a user for access to the computer. It is verified that the remote computer conforms with the client policy, and the client is connected to said computer.
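The flow in the abstract, extended with the identity-based policy selection of claim 1 and the forbidden/required application lists of claim 22, can be sketched as follows. This is an added example, not code from the patent or its assignee; the policy names, user names, application names and the fallback to the strictest policy for unknown users are all assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ClientPolicy:
    name: str
    required: frozenset = frozenset()   # applications that must be running
    forbidden: frozenset = frozenset()  # applications that must not be running


# Constructed policies "stored on the remote computer" (illustrative names).
POLICIES = {
    "strict": ClientPolicy("strict", frozenset({"antivirus", "firewall"}),
                           frozenset({"p2p-share", "remote-desktop"})),
    "standard": ClientPolicy("standard", frozenset({"antivirus"}),
                             frozenset({"p2p-share"})),
}
# Constructed identity-to-policy mapping (assumption, not from the patent).
USER_POLICY = {"alice": "standard", "root-admin": "strict"}


def select_policy(user):
    """Select the policy for this identity; unknown users get the strictest."""
    return POLICIES[USER_POLICY.get(user, "strict")]


def find_violations(policy, running):
    """Compare the running applications with the selected policy."""
    running = {name.strip().lower() for name in running}
    missing = [f"required application not running: {a}"
               for a in sorted(policy.required - running)]
    banned = [f"forbidden application running: {a}"
              for a in sorted(policy.forbidden & running)]
    return missing + banned


def request_access(user, running):
    """Verify conformance and connect only if there are no violations."""
    policy = select_policy(user)
    violations = find_violations(policy, running)
    return {"user": user, "policy": policy.name,
            "connect": not violations, "violations": violations}
```

The `violations` list corresponds to the policy-violation information that claims 9 and 20 have the remote computer send before access rights are modified. Because the check runs on the remote computer, its result is self-reported by that machine.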
28 Claims
1. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- storing a plurality of client policies on the remote computer, at least one of the client policies including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving a request from a user of the remote computer for access to the secured computer;
- determining an identity of the user;
- selecting, based on the identity of the user, the one of the plurality of client policies that will most reduce the likelihood of a security breach of the secured computer;
- verifying that the remote computer conforms with the selected client policy; and
- connecting the client to the secured computer if the remote computer conforms with the selected client policy.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- transmitting a client policy to the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving information of an identity of a user operating the remote computer;
- receiving information of a policy violation from the remote computer, the existence of the policy violation being based on the identity of the user; and
- modifying access rights of the user to operate the secured computer based on the policy violation.
Dependent claims: 10

11. A computer program product including a computer storage medium, the computer storage medium including at least one of volatile and non-volatile media, and a computer program code mechanism embedded in the computer storage medium for preventing unsecured access to a secured computer over a network by a client running on a remote computer, the computer code mechanism comprising:
- a computer code device configured to store a client policy on the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- a computer code device configured to receive a request from a user of the remote computer for access to the secured computer;
- a computer code device configured to receive information of an identity of the user;
- a computer code device configured to determine whether the remote computer conforms with the client policy, the determination being based on the identity of the user; and
- a computer code device configured to connect the client to the secured computer;
- wherein the remote computer accesses the secured computer over the network if the remote computer conforms with the client policy.

12. A computer program product including a computer storage medium, the computer storage medium including at least one of volatile and non-volatile media, and a computer program code mechanism embedded in the computer storage medium for preventing unsecured access to a secured computer over a network by a client running on a remote computer, the computer code mechanism comprising:
- a computer code device configured to transmit a client policy to the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- a computer code device configured to receive information of an identity of a user operating the remote computer;
- a computer code device configured to receive information of a policy violation from said remote computer, the existence of the policy violation being based on the identity of the user; and
- a computer code device configured to modify access rights of the user operating the remote computer, wherein the remote computer cannot access the secured computer over the network until the policy violation is removed.

13. An apparatus for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- means for storing a plurality of client policies on the remote computer, at least one of said client policies including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- means for receiving a request from a user of the remote computer for access to the secured computer, the request including information of an identity of the user;
- means for identifying a required one of said plurality of client policies based on the identity of the user;
- means for verifying that the remote computer conforms with the required client policy; and
- means for connecting the client to the secured computer if the remote computer conforms with the required client policy.

14. An apparatus for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- means for transmitting a client policy to the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- means for receiving information of an identity of a user operating the remote computer;
- means for receiving information of a policy violation from the remote computer, the existence of the policy violation being based on the identity of the user;
- means for modifying access rights of a user operating the remote computer based on the policy violation.

15. An apparatus for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- a storage mechanism configured to store a plurality of client policies on the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- an input/output device configured to receive a request from a user of the remote computer for access to the secured computer, the request including information of an identity of the user; and
- a processor configured to identify a required one of the client policies based on the identity of the user;
- a processor including a verification mechanism configured to verify that the remote computer conforms with the required client policy;
- wherein the input/output device is configured to connect the client to the secured computer if the remote computer conforms with the required client policy.
Dependent claims: 16, 17, 18, 19

20. An apparatus for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- an input/output device configured to transmit a client policy to the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer, the input/output device configured to receive a list of policy violations from the remote computer;
- an input/output device configured to receive a request from a user of the remote computer for access to the secured computer, the request including information of an identity of the user; and
- a processor configured to identify a required one of the client policies based on the identity of the user;
- a processor including a verification mechanism configured to verify that the remote computer conforms to the required client policy; and
- a processor including an access control mechanism configured to modify access rights of a user operating the remote computer for access to the secured computer.
Dependent claims: 21

22. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- storing a plurality of client policies on the remote computer, at least one of the client policies including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving a request from a specified user of the remote computer for access to the secured computer;
- determining an identity of the specified user;
- selecting, based on the identity of the specified user, the one of the plurality of client policies that will most reduce the likelihood of a security breach of the secured computer, the selected policy including a list of forbidden applications that cannot run on the remote computer if the specified user is using the remote computer and a list of required applications that must run on the remote computer if the specified user is using the remote computer;
- verifying that the remote computer conforms with the selected client policy; and
- connecting the client to the secured computer if the remote computer conforms with the selected client policy.
Dependent claims: 23, 24

25. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- storing a plurality of client policies on the remote computer, at least one of the client policies including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving a request from a user at the remote computer for access to the secured computer;
- determining a status of the remote computer;
- selecting, based on the status of the remote computer, the one of the plurality of client policies that will most reduce the likelihood of a security breach of the secured computer;
- verifying that the remote computer conforms with the selected client policy; and
- connecting the client to the secured computer if the remote computer conforms with the selected client policy.

26. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- transmitting a client policy to the remote computer, the client policy including a configuration of the remote computer that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving information of a status of the remote computer;
- receiving information of a policy violation from the remote computer, the existence of the policy violation being based on the status of the remote computer; and
- modifying access rights of the remote computer to access a resource of the secured computer based on the policy violation.

27. A computer-implemented method for preventing unsecured access to a secured computer over a network by a client running on a remote computer, comprising:
- storing a plurality of client policies on the remote computer, at least one of the client policies including information of a preferred connection method that reduces the likelihood of a security breach of the secured computer as a result of the remote computer accessing the secured computer;
- receiving a request from a user at the remote computer for access to the secured computer;
- determining a location of the remote computer;
- selecting, based on the status of the remote computer, the one of the plurality of client policies that will most reduce the likelihood of a security breach of the secured computer, the selected client policy including the preferred connection method; and
- connecting the client to the secured computer in accordance with the selected client policy and the preferred connection method.
Dependent claims: 28

Specification