CONTROLLING ACCESS TO RESOURCES ON A NETWORK
First Claim
1. A system, comprising:
- a proxy server that receives a plurality of requests from a user on one of a plurality of client devices to access at least one enterprise resource provided by an enterprise device on a network, the proxy server being configured to authenticate the user and the client device to determine whether the user has permission to access the at least one enterprise resource from the client device; and
a compliance server that authorizes the client device to communicate with the enterprise device, wherein the proxy server transmits at least one of the requests from the client device to the enterprise device if the client device is authorized to communicate with the enterprise device and the user has permission to access the at least one enterprise resource from the client device.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for controlling access to data on a network. In one embodiment, a proxy service receives a request from a user on a client device to access a quantity of enterprise resources served up by an enterprise device. In response, the proxy service determines whether the user on the client device has been authenticated to access the enterprise resources. The proxy service also determines whether the client device from which the user requested the access is authorized to access the enterprise resources. Responsive to the determination that the user is authentic and that the client device is authorized, the proxy service associates a set of approved enterprise access credentials with the request and facilitates the transmission of the requested enterprise resources to the client device.
131 Citations
20 Claims
-
1. A system, comprising:
-
a proxy server that receives a plurality of requests from a user on one of a plurality of client devices to access at least one enterprise resource provided by an enterprise device on a network, the proxy server being configured to authenticate the user and the client device to determine whether the user has permission to access the at least one enterprise resource from the client device; and a compliance server that authorizes the client device to communicate with the enterprise device, wherein the proxy server transmits at least one of the requests from the client device to the enterprise device if the client device is authorized to communicate with the enterprise device and the user has permission to access the at least one enterprise resource from the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
receiving, from one of a plurality of client devices, a request to access a quantity of enterprise resources provided by at least one enterprise device, wherein the request comprises at least one of a plurality of user access credentials and at least one of a plurality of device identifiers associated with the device; authenticating, in the proxy server, the request from the client device by determining whether the set of user access credentials match at least one set of a plurality of approved user access credentials and the device identifier matches one of a plurality of approved device identifiers, authorizing, in a compliance server, the client device by determining whether the client device complies with a plurality of compliance rules; modifying, in the proxy server, the request to insert at least one of a plurality of approved enterprise access credentials; and transmitting, from the proxy server, the modified request to the enterprise device. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable medium embodying a program executable in a computing device, the program, when executed, performing a method comprising:
-
receiving a request from a user on a client device to access a quantity of enterprise resources served up by an enterprise device, the request comprising a set of user credentials of the user and a device identifier of the client device; determining whether the user is authentic based on the user access credentials and the device identifier; determining whether the client device is authorized based on a plurality of device characteristics associated with the client device; responsive to a determination that the user is authentic and the client device is authorized, modifying the request to remove the user credentials and insert a set of approved enterprise access credentials; transmitting the modified request to the enterprise device to receive the requested quantity of enterprise resources; receiving the requested quantity of enterprise resources from the enterprise device; and transmitting the requested quantity of enterprise resources to the client device. - View Dependent Claims (18, 19, 20)
-
Specification