EXTENSIBLE AUTHENTICATION MANAGEMENT
First Claim
1. A method for determining whether to grant users access a resource, comprising the steps of:
- receiving a first request from a first user to access the resource;
determining an access policy that is applicable to the first request;
providing a first gate included in the applicable access policy;
providing a first identifier identifying a first gate client corresponding to the first gate;
receiving at least a first response from the first user; and
granting the first request if the at least first response satisfies the applicable access policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for controlling access to a resource permits an administrator to make changes to access policies at a server level without having to update client code unless and until such updated code is actually needed by a client. Customizable, plug-in gates are provided to permit administrators fine grained control over access policy definition. The most updated versions of corresponding gate clients used to display the gates are identified to client systems when an access request is made. The updated gate clients are downloaded if and when requested by a client system that has not already stored the updated gate clients locally. The user'"'"'s responses to gate challenges are compared to responses presented by the user at registration. If the responses meet the access policy'"'"'s threshold for accuracy, the user is permitted to access the resource.
272 Citations
20 Claims
-
1. A method for determining whether to grant users access a resource, comprising the steps of:
-
receiving a first request from a first user to access the resource; determining an access policy that is applicable to the first request; providing a first gate included in the applicable access policy; providing a first identifier identifying a first gate client corresponding to the first gate; receiving at least a first response from the first user; and granting the first request if the at least first response satisfies the applicable access policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for obtaining access to a resource, comprising:
-
a processing unit; and a memory coupled with and readable by the processing unit and having stored therein instructions which, when executed by the processing unit, cause a gate framework module to perform the following acts; providing a first request from a first user to access the resource; receiving a first gate and a first identifier identifying a first gate client; determining whether the first gate client is stored locally; requesting, if the first gate client is not stored locally, the first gate client; receiving the first gate client; presenting the first gate using the first gate client; and providing a first response to the first gate. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer readable medium, executable on a computing system, including at least one tangible medium and encoding a computer program of instructions for executing a computer implemented method for determining whether to grant users to access a resource, comprising the steps of:
-
receiving a first request from a first user to access the resource, wherein the first request includes client cultural information referencing a first client culture; determining an access policy that is applicable to the first request; providing a first gate included in the applicable access policy; providing a first identifier, from a plurality of identifiers, identifying a first gate client, wherein the first gate client corresponds to the first gate and is adapted to the first client culture; receiving at least a first response from the first user; and granting the first request if the at least first response satisfies the applicable access policy. - View Dependent Claims (19, 20)
-
Specification