CONTEXT-BASED NETWORK SECURITY
Abstract
Context-based network security is provided for streamlined access control over a computer network and components on the computer network. More particularly, methods, instructions on computer-readable media and systems are provided for collecting network context information about a client computer system connecting to the computer network, making the network context information available to various components on the computer network, and using the network context information to control the client computer system's (or a client application executing thereon) access to one or more network resources.
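The flow summarized in the abstract and recited in claims 1 and 8, sketched as an added Python example that is not taken from the patent: context is recorded when the client is admitted to the network, and an application server later asks a context server for it before granting access. The context fields (`posture`, `location`), the freshness limit, the policy table and all class names are assumptions made for illustration; the text on this page does not specify them.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NetworkContext:  # field names are assumptions, not from the patent
    client_ip: str
    posture: str       # e.g. "compliant" / "noncompliant"
    location: str      # e.g. "wired-hq" / "vpn" / "guest-wifi"
    recorded_at: float

class ContextDatabase:
    """Network context database, keyed by client address."""
    def __init__(self):
        self._rows = {}
    def store(self, ctx):
        self._rows[ctx.client_ip] = ctx
    def lookup(self, client_ip):
        return self._rows.get(client_ip)

class ContextServer:
    """Answers context requests from network application servers."""
    def __init__(self, db, max_age=3600):
        self.db, self.max_age = db, max_age
    def get_context(self, client_ip, now):
        ctx = self.db.lookup(client_ip)
        if ctx is None or now - ctx.recorded_at > self.max_age:
            return None  # unknown or stale context is treated as absent
        return ctx

class ApplicationServer:
    # resource -> (required posture, allowed locations); constructed policy
    POLICY = {"/payroll": ("compliant", {"wired-hq"}),
              "/wiki": ("compliant", {"wired-hq", "vpn"})}
    def __init__(self, context_server):
        self.context_server = context_server
    def handle(self, client_ip, resource, now):
        rule = self.POLICY.get(resource)
        ctx = self.context_server.get_context(client_ip, now)
        if rule is None or ctx is None:
            return "deny"  # fail closed on missing policy or context
        posture, locations = rule
        ok = ctx.posture == posture and ctx.location in locations
        return "allow" if ok else "deny"

def demo():
    db = ContextDatabase()
    # Constructed row, as a network access controller would store at admission.
    db.store(NetworkContext("10.0.0.5", "compliant", "vpn", 1000.0))
    app = ApplicationServer(ContextServer(db))
    return [app.handle("10.0.0.5", r, now=1200.0) for r in ("/wiki", "/payroll")]

if __name__ == "__main__":
    print(demo())
```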
100 Citations
39 Claims
1. A method of implementing context-based security on a computer network, the method comprising:
- receiving, at a network application server, a request from a client application executing on a client computer system to access a network resource;
- transmitting, from the network application server to a network context server, a request for network context information about the client computer system;
- acquiring, by the network context server from a network context database, network context information about the client computer system; and
- transmitting, from the network context server to the network application server, network context information acquired by the network context server;
- the network application server controlling access to the network resource by the client computer system based at least in part on the acquired network context information.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer system for controlling access to a computer network, the computer system being configured to:
- receive network-level credentials from a network access controller, the network-level credentials being associated with a client computer system attempting to gain access to the computer network;
- receive network context information from the network access controller, the network context information including information about the client computer system;
- store the network context information in a network context database;
- authenticate the network-level credentials against a credential database;
- generate an authentication response from a result of the authentication against the credential database;
- generate an authorization response adapted to be used by a network access controller to control the client computer system's access to the computer network, the authorization response being based at least in part on the network context information; and
- transmit the authentication and authorization responses to the network access controller.
Dependent claims: 9, 10, 11, 12, 13, 15
16. A computer system for providing network context information to one or more network applications, the computer system being configured to:
- receive a request for network context information from a network application, the network context information relating to a client computer system executing a client application that is communicating with the network application;
- acquire the requested network context information from a network context database; and
- transmit the acquired network context information to the network application.
Dependent claims: 14, 17, 18, 19, 20, 21
22. A storage medium, readable by a first processor of a first computer system, having embodied therein a first computer program of commands executable by the first processor, the program being adapted to be executed to:
- receive over a computer network a request for access to a network resource from a client application executing on a client computer system;
- transmit over the computer network a request for network context information about the client computer system to a second computer system executing a network context service;
- receive from the second computer system network context information about the client computer system;
- grant the client application access to the network resource based on the network context information.
Dependent claims: 23, 24, 25, 26, 27
28. A storage medium, readable by a processor of a client computer system, having embodied therein a first computer program of commands executable by the processor, the program being adapted to be executed to:
- transmit a request for access to a computer network to a network access controller residing on the computer network;
- receive a request for network-level credentials from the network access controller;
- acquire network-level credentials;
- transmit the network-level credentials to the network access controller;
- acquire network context information about the client computer system;
- transmit the network context information to the network access controller; and
- thereafter, receive permission to access the computer network from the network access controller.
Dependent claims: 29, 30, 31
32. A system for implementing context-based security on a computer network, the system comprising:
- at least one network application server;
- a network context server; and
- a network context database;
- wherein the at least one network application server is configured to:
  - receive, from a client application executing on a client computer system, a request to access a network resource;
  - transmit, to the network context server, a request for network context information about the client computer system;
  - receive, from the network context server, network context information about the client computer system;
  - control the client application's access to the network resource based on the network context information; and
- wherein the network context server is configured to:
  - receive, from the at least one network application server, a request for network context information about the client computer system;
  - acquire, from the network context database, network context information about the client computer system; and
  - transmit, to the network application server, the acquired network context information.
Dependent claims: 33, 34, 35, 36, 37, 38, 39
Specification