SECURED ACCESS CONTROL TO CLOUD-BASED APPLICATIONS
First Claim
1. A method for securing an access to a cloud-based application, comprising:
- receiving an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application;
- receiving, from an agent executed in the client device, a client certificate;
- retrieving, from a compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate;
- identifying an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved device posture; and
- determining whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
Abstract
A method and proxy device for securing an access to a cloud-based application are presented. The method includes receiving an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application; receiving, from an agent executed in the client device, a client certificate; retrieving, from a compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate; identifying an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved device posture; and determining whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
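The flow in the abstract, sketched as an added example (not code from the patent or its assignee). The HMAC-signed token format, the fingerprint-keyed posture store, the posture attributes and the policy names are all assumptions made for illustration; a real proxy would take the client certificate from a validated mutual-TLS handshake.

```python
import base64, hashlib, hmac, json

IDP_KEY = b"constructed-demo-key"  # assumption: HMAC key shared with the identity provider

# Constructed stand-in for the compliance server: posture keyed by certificate fingerprint.
CERT_A, CERT_B = b"constructed-cert-der-A", b"constructed-cert-der-B"
POSTURE_DB = {
    hashlib.sha256(CERT_A).hexdigest(): {"ownership": "managed", "disk_encrypted": True, "os_patched": True},
    hashlib.sha256(CERT_B).hexdigest(): {"ownership": "byod", "disk_encrypted": False, "os_patched": True},
}
# Hypothetical policies: one is identified from the posture, then the device is checked against it.
POLICIES = {
    "managed": {"disk_encrypted": True, "os_patched": True},
    "byod": {"disk_encrypted": True},
}

def issue_token(user):
    """Build a constructed signed token (payload.signature) for the demo."""
    body = base64.urlsafe_b64encode(json.dumps({"sub": user}).encode())
    sig = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest().encode()
    return (body + b"." + sig).decode()

def user_from_token(token):
    """Return the user identity, or None if the signature does not verify."""
    body, _, sig = token.encode().partition(b".")
    expected = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(sig, expected):
        return None
    return json.loads(base64.urlsafe_b64decode(body))["sub"]

def decide(token, client_cert_der):
    """Return (granted, reason); every failed lookup denies access (fail closed)."""
    user = user_from_token(token)
    if user is None:
        return False, "invalid token"
    posture = POSTURE_DB.get(hashlib.sha256(client_cert_der).hexdigest())
    if posture is None:
        return False, "no posture for certificate"
    policy = POLICIES.get(posture["ownership"])
    if policy is None:
        return False, "no policy for posture"
    failed = [k for k, v in policy.items() if posture.get(k) != v]
    if failed:
        return False, "non-compliant: " + ",".join(failed)
    return True, "granted to " + user
```

A valid user token alone is never sufficient here: an unknown certificate or a posture that fails the identified policy denies access even when the token verifies.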
26 Claims
1. A method for securing an access to a cloud-based application, comprising:
- receiving an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application;
- receiving, from an agent executed in the client device, a client certificate;
- retrieving, from a compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate;
- identifying an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved device posture; and
- determining whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A proxy device for securing an access to a cloud-based application, comprising:
- a processing system; and
- a memory, the memory containing instructions that, when executed by the processing system, configure the proxy device to:
  - receive an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application;
  - receive, from an agent executed in the client device, a client certificate;
  - retrieve, from a compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate;
  - identify an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved posture; and
  - determine whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A cloud computing platform, comprising:
- at least one server configured to host at least one cloud-based application;
- a compliance server;
- a proxy device communicatively connected to the at least one server, wherein the proxy device includes a processing system and a memory;
- the memory containing instructions that, when executed by the processing system, configure the proxy device to:
  - receive an authentication token, wherein the authentication token includes an identity of a user of a client device requesting an access to the cloud-based application;
  - receive, from an agent executed in the client device, a client certificate;
  - retrieve, from the compliance server, a device posture of the client device, wherein the device posture is retrieved respective of the received client certificate;
  - identify an access policy for the client device to access the cloud-based application, wherein the access policy is identified based at least on the retrieved posture; and
  - determine whether to grant an access to the cloud-based application based in part on the compliance of the client device with the identified access policy.
Specification