Methods, systems and computer program products for selectively allowing users of a multi-user system access to network resources
First Claim
1. A method for selectively allowing access to a plurality of resources in a network, the method comprising:
- receiving a request originated from a user of a multi-user system to transmit a message via the multi-user system over the network to one of the plurality of resources, wherein each of the plurality of resources has been assigned to one of a plurality of security zones based on a level of security sensitivity of the resource;
identifying a one of the plurality of security zones that is associated with the one of the plurality of resources;
determining if the user of the multi-user system is authorized access to the identified one of the plurality of security zones; and
forwarding the message from the multi-user system over the network only if it is determined that the user is authorized access to the identified one of the plurality of security zones.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products are provided for selectively allowing a user of a multi-user system access to a plurality of resources in a network. Pursuant to these methods, systems and computer program products, a request, originated by a user of the multi-user system, may be received to transmit a message over the network to one of the plurality of resources in the network. A security zone associated with this resource may then be identified. Pursuant to the operations of the present invention, if it is determined that the user is authorized access to the identified security zone, the message may be forwarded over the network to the resource.
-
Citations
24 Claims
-
1. A method for selectively allowing access to a plurality of resources in a network, the method comprising:
-
receiving a request originated from a user of a multi-user system to transmit a message via the multi-user system over the network to one of the plurality of resources, wherein each of the plurality of resources has been assigned to one of a plurality of security zones based on a level of security sensitivity of the resource; identifying a one of the plurality of security zones that is associated with the one of the plurality of resources; determining if the user of the multi-user system is authorized access to the identified one of the plurality of security zones; and forwarding the message from the multi-user system over the network only if it is determined that the user is authorized access to the identified one of the plurality of security zones. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for selectively allowing access to a plurality of resources in a network, comprising:
-
means for receiving a request originated from a user to a multi-user system to transmit a message via the multi-user system over the network to one of the plurality of resources, wherein each of the plurality of resources has been assigned to one of a plurality of security zones based on a level of security sensitivity of the resource; means for identifying a one of the plurality of security zones that is associated with the one of the plurality of resources; means for determining if the user of the multi-user system is authorized access to the identified one of the plurality of security zones; and means for forwarding the message from the multi-user system over the network only if it is determined that the user is authorized access to the identified one of the plurality of security zones. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A computer program product for selectively allowing access to a plurality of resources in a network, comprising:
-
a computer-readable storage medium having computer-readable program code embodied in said medium, said computer-readable program code comprising; computer program product means for receiving a request originated from a user of a multi-user system to transmit a message via the multi-user system over the network to one of the plurality of resources, wherein each of the plurality of resources has been assigned to one of a plurality of security zones based on a level of security sensitivity of the resource; computer program product means for identifying a one of the plurality of security zones that is associated with the one of the plurality of resources; computer program product means for determining if the user of the multi-user system is authorized access to the identified one of the plurality of security zones; and computer program product means for forwarding the message from the multi-user system over the network only if it is determined that the user is authorized access to the identified one of the plurality of security zones. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A method for selectively allowing a user of a multi-user system access to a plurality of resources in a network, the method comprising:
-
receiving a message over the network from one of the plurality of resources that is addressed to a process running on the multi-user system that is associated with the user; identifying, from a plurality of security zones, a security zone associated with the one of the plurality of resources; determining if the user is authorized access to the identified security zone; and forwarding the message to the process only if it is determined that the user is authorized access to the identified security zone. - View Dependent Claims (21)
-
-
22. A data processing system for selectively allowing access to a plurality of resources in a network, comprising:
-
a data processing device, the data processing device connected to a first network that includes a plurality of networked resources; a plurality of workstations that are configured to execute applications on the data processing device; a first data structure that specifies at least one security zone from a plurality of security zones that is associated with each of the plurality of networked resources, wherein each of the plurality of security zones represents a distinct level of security sensitivity; and a second data structure that specifies the respective security zones to which a plurality users of the data processing device may have access. - View Dependent Claims (23, 24)
-
Specification