Consigning Authentication Method
First Claim
1. A method for sharing electronic content between clients at a common trust level in a trust hierarchy associated with a network implementing policy-based management, the method comprising:
- receiving a first request from a first client for delivery of the electronic content to the first client at a first trust level in the trust hierarchy;
- approving the delivery of the electronic content to the first client at a policy enforcement point in the network based at least in part on the first trust level in the trust hierarchy;
- delivering the electronic content to the first client;
- receiving a second request from a second client at the first trust level in the trust hierarchy, for permission to receive the electronic content from the first client, the second request including integrity information about the first client;
- determining whether to allow the second client to receive the electronic content from the first client based at least in part on the integrity information about the first client; and
- communicating to the second client the determination of whether the second client may receive the electronic content from the first client.
Abstract
A method for sharing content between clients at a common trust level in a trust hierarchy associated with a network implementing policy-based management includes receiving integrity information from a first client at a first trust level in the trust hierarchy at a second client at the first trust level, requesting permission to receive electronic content from the first client, receiving a determination regarding the requested permission, and communicating the determination to the first client. The first client obtained content from a policy enforcement point in the network. The request for permission is made to the policy enforcement point and the request includes the integrity information. The determination is received from the policy enforcement point and is based in part on the integrity information about the first client. The second client communicates to the first client the determination of whether the second client receives the content from the first client.
18 Claims
1. A method for sharing electronic content between clients at a common trust level in a trust hierarchy associated with a network implementing policy-based management, the method comprising:
- receiving a first request from a first client for delivery of the electronic content to the first client at a first trust level in the trust hierarchy;
- approving the delivery of the electronic content to the first client at a policy enforcement point in the network based at least in part on the first trust level in the trust hierarchy;
- delivering the electronic content to the first client;
- receiving a second request from a second client at the first trust level in the trust hierarchy, for permission to receive the electronic content from the first client, the second request including integrity information about the first client;
- determining whether to allow the second client to receive the electronic content from the first client based at least in part on the integrity information about the first client; and
- communicating to the second client the determination of whether the second client may receive the electronic content from the first client.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.

11. A method for sharing content between clients at a common trust level in a trust hierarchy associated with a network implementing policy-based management, the method comprising:
- receiving integrity information from a first client at a first trust level in the trust hierarchy at a second client at the first trust level, the first client having obtained content from a policy enforcement point in the network;
- requesting permission from the policy enforcement point to receive the electronic content from the first client, the request including the integrity information regarding the first client;
- receiving a determination from the policy enforcement point whether to allow the second client to receive the content from the first client based at least in part on the integrity information about the first client; and
- communicating to the first client the determination of whether the second client may receive the content from the first client.

Dependent claims: 12, 13, 14, 15, 16, 17.

18. A network system for sharing electronic content among clients at a common trust level in a trust hierarchy, the network system implementing policy-based management, the network system comprising:
- a plurality of clients, each client having a respective trust level in the trust hierarchy;
- a storage unit configured to deliver electronic content to the plurality of clients;
- a policy enforcement point in electronic communication with the storage unit and a first one of the plurality of clients, the policy enforcement point configured to receive a first request from the first one of the plurality of clients for the delivery of electronic content from the storage unit; and
- a policy decision point in electronic communication with the policy enforcement point, the policy decision point configured to assess the first one of the plurality of clients including assessing at least the trust level of the first one of the plurality of clients and to grant permission to the policy enforcement point to deliver the content from the storage unit to the first one of the plurality of clients;
- the policy enforcement point further configured to receive from a second one of the plurality of clients a second request for permission to receive the electronic content from the first one of the plurality of clients, the second request including at least integrity information associated with the first one of the plurality of clients; and
- the policy decision point further configured to make a policy-based decision whether to allow the second one of the plurality of clients to receive the electronic content from the first one of the plurality of clients based at least in part on the integrity information associated with the first one of the plurality of clients.
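
The exchange recited in claims 1, 11 and 18, modelled as an added example that is not part of the patent text. The class and function names, the numeric trust levels, and the representation of integrity information as a SHA-256 digest checked against reference values are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

GOOD = b"os=1.4;av=on"  # constructed sample of a compliant client state

def measure(state: bytes) -> str:
    # Assumption: integrity information is a digest of the client's measured state.
    return hashlib.sha256(state).hexdigest()

@dataclass
class Client:
    name: str
    trust_level: int
    state: bytes

class PolicyDecisionPoint:
    def __init__(self, min_level, known_good):
        self.min_level, self.known_good = min_level, set(known_good)

    def approve_delivery(self, trust_level):
        return trust_level >= self.min_level

    def approve_sharing(self, requester_level, holder_level, holder_integrity):
        # Both clients must sit at a common trust level and the holder must be intact.
        return requester_level == holder_level and holder_integrity in self.known_good

class PolicyEnforcementPoint:
    def __init__(self, pdp, storage):
        self.pdp, self.storage, self.holders = pdp, storage, {}

    def request_delivery(self, client, content_id):  # first request
        if not self.pdp.approve_delivery(client.trust_level):
            return None
        self.holders[(content_id, client.name)] = client.trust_level
        return self.storage[content_id]

    def request_peer_permission(self, requester, holder_name, content_id, integrity):
        level = self.holders.get((content_id, holder_name))
        if level is None:  # holder never obtained this content through the PEP
            return False
        return self.pdp.approve_sharing(requester.trust_level, level, integrity)

def run_exchange(first_state, second_level=2):
    pep = PolicyEnforcementPoint(PolicyDecisionPoint(2, [measure(GOOD)]), {"doc": b"payload"})
    first, second = Client("A", 2, first_state), Client("B", second_level, GOOD)
    pep.request_delivery(first, "doc")            # A obtains the content from the PEP
    integrity = measure(first.state)              # A sends integrity information to B
    # B forwards it in the second request; the result is what B relays back to A.
    return pep.request_peer_permission(second, first.name, "doc", integrity)
```

The model takes the holder's digest at face value; it does not cover how the integrity information is authenticated on its way from the first client to the policy enforcement point.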
Specification