GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT
First Claim
1. A data distribution system comprising:
- a processor;
a computer readable device including at least one program executed by the processor to perform operations, the operations comprising;
receiving a reception request for distribution data from a requesting client;
detecting an environment of the requesting client;
determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data to a protected storage area of the requesting client;
determining a security policy specified for the requested distribution data;
generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and
transmitting the generated distribution package to the client.
1 Assignment
0 Petitions
Accused Products
Abstract
A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client.
-
Citations
26 Claims
-
1. A data distribution system comprising:
-
a processor; a computer readable device including at least one program executed by the processor to perform operations, the operations comprising; receiving a reception request for distribution data from a requesting client; detecting an environment of the requesting client; determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data to a protected storage area of the requesting client; determining a security policy specified for the requested distribution data; generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and transmitting the generated distribution package to the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 11)
-
-
12. (canceled)
-
13. A client computer connected over a network to a data distribution system distributing a distribution package, the client apparatus comprising:
-
a processor; a computer readable device including at least one program executed by the processor to perform operations, comprising; transmitting, to the data distribution system, a reception request for distribution data; transmitting, to the data distribution apparatus, environmental information describing an environment of the client apparatus; receiving, from the data distribution apparatus, a distribution package including the distribution data, a security policy specified for the distribution data, and an access control execution program adapted to the environment of the client for implementing an access control mechanism, and a loading unit; executing, the access control execution program to control access a resource from a process in the client in a manner that depends on the security policy; and executing the loading unit to load the distribution data to a protected storage area of the client. - View Dependent Claims (21, 22)
-
-
14. A data distribution method for providing a distribution package, comprising:
-
receiving a reception request for distribution data from a requesting client; detecting an environment of the requesting client; determining distribution data to be distributed and a security policy specified for the distribution data; determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on the security policy, wherein the loading unit loads the distribution data to a protected storage area of the client; generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and transmitting the generated distribution package to the client. - View Dependent Claims (8, 9, 10, 15, 16, 17)
-
-
18. A method for receiving distribution data, comprising:
-
transmitting a reception request for distribution data to a data distribution system; transmitting environmental information describing an environment of the client apparatus to the data distribution system; receiving a distribution package including the distribution data, a security policy specified for the distribution data, an access control execution program adapted to the environment of the client for implementing an access control mechanism and a loading unit; activating the access control execution program to control access to a resource from a process in the client in a manner that depends on the security policy; and executing the loading unit to load the distribution data to a protected storage area on the client, from the data distribution system apparatus. - View Dependent Claims (23, 24)
-
-
19. A computer readable device including a program executable by a computer, the program causing the computer to perform operations, the operations comprising:
-
receiving a reception request for distribution data from a requesting client; detecting an environment of the requesting client; determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data included in a distribution package to a protected storage area of the client; determining a security policy specified for the distribution data; a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting; and transmitting the generated distribution package to the requesting client. - View Dependent Claims (25, 26)
-
-
20. (canceled)
Specification