SYSTEMS AND METHODS FOR CONTROLLING EMAIL ACCESS
First Claim
1. A method for providing access to an email server, comprising:
- receiving, at an identity management server, a communication from the email server, the communication including information regarding a request for access to the email server from a user device;
sending, from the identity management server to a management server at which the user device is enrolled, a request for authorization to access the email server;
determining, at the management server, whether the user device is authorized to access the email server; and
in response to determining that the user device is authorized to access the email server, sending an authentication token from the management server to the user device, and sending, from the management server to the email server, an instruction to provide the user device with access to the email server.
2 Assignments
0 Petitions
Accused Products
Abstract
Examples described herein include systems and methods for controlling access to a server, such as an email server or a gateway, in situations where the identity of the requesting device is unknown or where the user device accesses the server using an unknown or unmanaged application. In one example, the system can utilize a user authentication credential included in the request to identify other devices belonging to the user that happen to be enrolled with the system. An out-of-band message can be sent to those enrolled devices, requesting confirmation from the user and, in conjunction with an authentication token, allowing the system to trust the previously unknown device. In the example of an unmanaged application attempting to access an email server, the system can confirm compliance of the requesting device and issue an authentication token that, along with an appropriate command sent to the email server, provides access.
38 Citations
20 Claims
-
1. A method for providing access to an email server, comprising:
-
receiving, at an identity management server, a communication from the email server, the communication including information regarding a request for access to the email server from a user device; sending, from the identity management server to a management server at which the user device is enrolled, a request for authorization to access the email server; determining, at the management server, whether the user device is authorized to access the email server; and in response to determining that the user device is authorized to access the email server, sending an authentication token from the management server to the user device, and sending, from the management server to the email server, an instruction to provide the user device with access to the email server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory, computer-readable medium comprising instructions that, when executed by a processor associated with a computing device, cause the processor to perform stages for providing access to an email server, the stages comprising:
-
receiving, at an identity management server, a communication from the email server, the communication including information regarding a request for access to the email server from a user device; sending, from the identity management server to a management server at which the user device is enrolled, a request for authorization to access the email server; determining, at the management server, whether the user device is authorized to access the email server; and in response to determining that the user device is authorized to access the email server, sending an authentication token from the management server to the user device, and sending, from the management server to the email server, an instruction to provide the user device with access to the email server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for providing access to an email server, comprising:
-
an identity management server; and a management server at which a user device is enrolled, wherein; the management server receives a communication from the email server, the communication including information regarding a request for access to the email server from the user device, the identity management server sends, to a management server at which the user device is enrolled, a request for authorization to access the email server, the management server determines whether the user device is authorized to access the email server, and in response to determining that the user device is authorized to access the email server, the management server sends an authentication token to the user device, and sends, to the email server, an instruction to provide the user device with access to the email server. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification