Method and apparatus for assigning access control levels in providing access to networked content files
First Claim
Patent Images
1. A system of granting access to resources comprising:
- a first client node, operated by a user, requesting access to a resource;
a first collection agent gathering information about the first client node in response to the request to access the resource using the first client node;
a second client node, operated by the user, requesting access to the resource;
a second collection agent gathering information about the second client node in response to the request to access the resource using the second client node;
a policy engine in communication with the first collection agent and the second collection agent, granting to the user a first level of access to the resource responsive to application of a policy to the information gathered about the first client node when used by the user, and granting to the user a second level of access to the resource responsive to application of a policy to the information gathered about the second client node when used by the user,wherein the first level of access is selected from a plurality of levels of access, and wherein the second level of access is selected from the plurality of levels of access and allows access to the resource by requiring the use of an application hosted by a remote server to perform operations on the resource instead of an application hosted by the second client node.
9 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for assigning access control levels when providing access to networked content files includes a client node, a collection agent, and a policy engine. The client node requests access to a resource. The collection agent gathers information about the client node. The policy engine receives the gathered information and assigns one of a plurality of levels of access responsive to application of a policy to the received information.
-
Citations
58 Claims
-
1. A system of granting access to resources comprising:
-
a first client node, operated by a user, requesting access to a resource; a first collection agent gathering information about the first client node in response to the request to access the resource using the first client node; a second client node, operated by the user, requesting access to the resource; a second collection agent gathering information about the second client node in response to the request to access the resource using the second client node; a policy engine in communication with the first collection agent and the second collection agent, granting to the user a first level of access to the resource responsive to application of a policy to the information gathered about the first client node when used by the user, and granting to the user a second level of access to the resource responsive to application of a policy to the information gathered about the second client node when used by the user, wherein the first level of access is selected from a plurality of levels of access, and wherein the second level of access is selected from the plurality of levels of access and allows access to the resource by requiring the use of an application hosted by a remote server to perform operations on the resource instead of an application hosted by the second client node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A method of granting access to resources, the method comprising:
-
(a) requesting, by a user, access to a resource using a first client node; (b) gathering, by a collection agent, information about the first client node in response to the request to access the resource using the first client node; (c) granting, by a policy engine in communication with the collection agent, to the user a first level of access to the resource responsive to application of a policy to the information gathered about the first client node when used by the user, the first level of access selected from a plurality of levels of access; (d) requesting, by the user, access to the resource using a second client node; (e) gathering, by a second collection agent, information about the second client node in response to the request to access the resource using the second client node; and (f) granting, by a policy engine in communication with the second collection agent, to the user a second level of access to the resource responsive to application of a policy to the information gathered about the second client node when used by the user, the second level of access selected from the plurality of levels of access and allowing access to the resource by requiring the use of an application hosted by a remote server to perform operations on the resource instead of an application hosted by the second client node. - View Dependent Claims (31, 32, 33, 34, 35, 36)
-
-
37. A policy engine comprising:
-
a first component receiving information about a first client node from which a user requests access to a resource, generating a first data set from the information, receiving information about a second client node from which the user requests access to the resource, and generating a second data set from the information about the second client node; and a second component receiving the first data set, granting a first level of access to the user based on the first data set received when the first client node is used by the user, receiving the second data set, and granting a second level of access to the user based on the second data set received when the second client node is used by the user, the second level of access requiring the use of an application hosted by a remote server to perform operations on the resource instead of an application hosted by the second client node, wherein the first level of access and the second level of access are selected from a plurality of levels of access. - View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
-
-
49. A method of granting access with a policy engine, the method comprising:
-
(a) receiving, by a first component of a policy engine, information about a first client node from which a user requests access to a resource; (b) generating, by the first component, a first data set from the information; (c) granting, by a second component of the policy engine, a first level of access to the user based on the first data set received from the first component when the first client node is used by the user, the first level of access selected from a plurality of levels of access; (d) allowing, by the second component, the user access to the resource according to the first level of access granted to the user when the first client node is used by the user; (a) receiving, by the first component, information about a second client node from which the user requests access to the resource; (b) generating, by the first component, a second data set from the information; (c) granting, by the second component, a second level of access to the user based on the second data set received from the first component when the second client node is used by the user, the second level of access selected from the plurality of levels of access; (d) allowing, by the second component, the user access to the resource according to the second level of access granted to the user when the second client node is used by the user, the second level of access requiring the use of an application hosted by a remote server to perform operations on the resource instead of an application hosted by the second client node. - View Dependent Claims (50, 51, 52, 53, 54, 55, 56, 57, 58)
-
Specification