REMOTE ACCESS TO RESOURCES OVER A NETWORK
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and techniques are provided for controlling requests for resources from remote computers. A remote computer'"'"'s ability to access a resource is determined based upon the computer'"'"'s operating environment. The computer or computers responsible for controlling access to a resource will interrogate the remote computer to ascertain its operating environment. The computer or computers responsible for controlling access to a resource may, for example, download one or more interrogator agents onto the remote computer to determine its operating environment. Based upon the interrogation results, the computer or computers responsible for controlling access to a resource will control the remote computer'"'"'s access to the requested resource.
-
Citations
20 Claims
-
1. (canceled)
-
2. A method for controlling access to data, the method comprising:
-
receiving a signature from an interrogator agent at a first computer, wherein the signature includes a set of Boolean logical expressions defining a list of artifacts that characterize an operating environment of the first computer; matching the set of Boolean logical expressions with at least one configuration controlled by a provisioning server; and classifying the first computer into a zone in accordance with the at least one configuration, the zone governed by a rule identifying one or more operating environment requirements for accessing one or more resources in a server system, wherein the first computer is allowed to access at least one of the resources based on the classification. - View Dependent Claims (3, 4, 5, 6, 7, 8)
-
-
9. A method for controlling access to data, the method comprising:
-
downloading an interrogator agent onto a first computer over a communication network; executing the interrogator agent, wherein execution of the interrogator agent by a processor of the first computer; identifies one or more artifacts characterizing an operating environment of the first computer, and generates a signature based on the identified artifacts, wherein the signature includes a set of Boolean logical expressions defining a list of the identified artifacts; and sending the signature to a server for evaluation, wherein the server classifies the first computer into a zone based on matching the set of Boolean logical expressions with at least one configuration controlled by a provisioning server, the zone governed by a rule identifying one or more operating environment requirements for accessing one or more resources. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method for controlling access to data, the method comprising:
-
receiving a request to access a resource, the request sent from a requesting computer over a communication network and indicating an operating environment of the requesting computer; identifying that the operating environment of the requesting computer does not conform to a configuration rule; and sending program code to the requesting computer, wherein the requesting computer executes the program code to update the operating environment to conform to the configuration rule. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification