SYSTEM AND METHOD FOR SECURE MANAGEMENT OF MOBILE USER ACCESS TO NETWORK RESOURCES
First Claim
1. A method for managing secure mobile user access from a wireless mobile device via a wireless service provider network to a plurality of network resources of a host network, by steps comprising:
in an access server comprising a mobile access control layer between the wireless service provider network and the host network, receiving, from a client of the wireless mobile device, a user request for mobile access;
authenticating the user;
determining group membership of the user based on a user ID and attributes of the user, each group having associated therewith a set of resources and associated operations for members of the group;
determining access rules for the user based on each group membership of the user;
generating a list of accessible resources and associated operations for the user based on said access rules;
making said list available to a subsequent process for performing an operation on an accessible resource in accordance with said access rules, said operations on an accessible resource comprising one or more of displaying and otherwise interfacing said resource to the user for one or more of read, write, execute, modify, delete, email, download and synchronize operations.
Abstract
A client-server system and method is provided for secure management of mobile user access to network resources from a wireless mobile device, such as a smart phone. A mobile access control layer resides between a wireless service provider network and host network, allowing for management of mobile access without overriding internal access policies. Access rules determining accessible resources and permitted operations are determined based on a user's group memberships, and optionally on other information received from the system, or from the mobile device, e.g. time or location. Each group is associated with a set of permitted accessible resources and operations, e.g. read or write access to a resource such as a file, list, shared calendar, et al. A list of accessible resources and permitted operations is generated, and the list is made available for subsequent processes, e.g. presented to the user for selection of an accessible resource and permitted operation.
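The flow the abstract describes (group membership, then access rules, then a list of accessible resources and permitted operations) can be shown as a short Python example. It is added here and is not code from the patent or from any product; the group names, resources, the `host_policy` table, the time window, and the reading of "without overriding internal access policies" as an intersection with the host's own permissions are all assumptions.

```python
from dataclasses import dataclass

# Operations named in claim 1.
OPS = {"read", "write", "execute", "modify", "delete", "email", "download", "synchronize"}

@dataclass(frozen=True)
class Group:
    name: str
    member_ids: frozenset        # membership by user ID
    required_attrs: dict         # membership by user attributes (hypothetical keys)
    grants: dict                 # resource -> set of mobile operations
    hours: range = range(0, 24)  # optional context rule: hours when the grants apply

def groups_for(user_id, attrs, groups):
    """A user belongs to a group by ID, or by matching every required attribute."""
    return [g for g in groups
            if user_id in g.member_ids
            or (g.required_attrs
                and all(attrs.get(k) == v for k, v in g.required_attrs.items()))]

def accessible_list(user_id, attrs, groups, host_policy, hour):
    """Union of mobile grants over the user's groups, capped by the host's own policy."""
    mobile = {}
    for g in groups_for(user_id, attrs, groups):
        if hour not in g.hours:          # time-based rule: group inactive right now
            continue
        for res, ops in g.grants.items():
            mobile.setdefault(res, set()).update(ops & OPS)
    result = {}
    for res, ops in mobile.items():
        # Assumption: the mobile layer can only narrow what the host already allows;
        # a resource with no host entry is denied.
        allowed = ops & host_policy.get((user_id, res), set())
        if allowed:
            result[res] = sorted(allowed)
    return result

# Constructed sample data (hypothetical names).
GROUPS = [
    Group("sales", frozenset({"alice"}), {},
          {"crm/accounts": {"read", "email"}, "shared-calendar": {"read", "write"}}),
    Group("field-staff", frozenset(), {"dept": "sales", "device_managed": True},
          {"price-list.xlsx": {"read", "download", "synchronize"}}, hours=range(7, 19)),
]
HOST_POLICY = {
    ("alice", "crm/accounts"): {"read", "write", "email"},
    ("alice", "shared-calendar"): {"read"},
    ("alice", "price-list.xlsx"): {"read", "download"},
}
```

The returned dictionary is the list handed to the subsequent process: a group grant never widens what the host network already permits, and a user who matches a group but has no host-side entry receives nothing.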
80 Citations
37 Claims
1. A method for managing secure mobile user access from a wireless mobile device via a wireless service provider network to a plurality of network resources of a host network, by steps comprising:
in an access server comprising a mobile access control layer between the wireless service provider network and the host network, receiving, from a client of the wireless mobile device, a user request for mobile access;
authenticating the user;
determining group membership of the user based on a user ID and attributes of the user, each group having associated therewith a set of resources and associated operations for members of the group;
determining access rules for the user based on each group membership of the user;
generating a list of accessible resources and associated operations for the user based on said access rules;
making said list available to a subsequent process for performing an operation on an accessible resource in accordance with said access rules, said operations on an accessible resource comprising one or more of displaying and otherwise interfacing said resource to the user for one or more of read, write, execute, modify, delete, email, download and synchronize operations.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
26. A computer readable medium storing instructions for performing, in a mobile access control layer of an access server where the mobile access control layer is between a wireless service provider and a host network, the following method steps comprising:
receiving, from a client of the wireless mobile device, a user request for mobile access;
authenticating the user;
determining group membership of the user based on a user ID and attributes of the user, each group having associated therewith a set of resources and associated operations for members of the group;
determining access rules for the user based on each group membership of the user;
generating a list of accessible resources and associated operations for the user based on said access rules;
making said list available to a subsequent process for performing an operation on an accessible resource in accordance with said access rules, said operations on an accessible resource comprising one or more of displaying and otherwise interfacing said resource to the user for one or more of read, write, execute, modify, delete, email, download and synchronize operations.
View Dependent Claims (37)
27. A client-server system for managing secure mobile user access from a wireless mobile device via a wireless service provider network to a plurality of network resources of a host network, the system comprising:
an access server providing a mobile access control layer between the wireless service provider network and the host network;
a mobile access client residing on the user's wireless mobile device; and
wherein the mobile access control layer is configured to perform the steps of;
receiving, from the mobile access client, a user request for mobile access;
authenticating the user;
determining group membership of a user based on a user ID and attributes of the user, each group having associated therewith a set of resources and associated operations for members of the group;
determining access rules for the user based on each group membership of the user;
generating a list of accessible resources and associated operations for the user based on said access rules;
making said list available to a subsequent process for performing an operation on an accessible resource in accordance with said access rules.
View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36)
Specification