Provisioning remote computers for accessing resources
Abstract
Systems and techniques are provided for controlling requests for resources from remote computers. A remote computer's ability to access a resource is determined based upon the computer's operating environment. The computer or computers responsible for controlling access to a resource will interrogate the remote computer to ascertain its operating environment. The computer or computers responsible for controlling access to a resource may, for example, download one or more interrogator agents onto the remote computer to determine its operating environment. Based upon the interrogation results, the computer or computers responsible for controlling access to a resource will control the remote computer's access to the requested resource.
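The zone-of-trust decision described in the abstract and in claim 1 can be sketched as an ordered policy lookup. This is an added illustration, not code from the patent or from any product; the zone names, user roles, posture keys and resource names are all assumptions constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Zone:
    name: str
    roles: frozenset      # authenticated user roles admitted to this zone
    required: dict        # interrogation result key -> required value
    resources: frozenset  # set of resources associated with the zone

# Constructed policy, ordered from most to least trusted; first match wins.
ZONES = [
    Zone("trusted", frozenset({"employee"}),
         {"av_running": True, "disk_encrypted": True, "managed": True},
         frozenset({"intranet", "mail", "source-repo"})),
    Zone("semi-trusted", frozenset({"employee", "contractor"}),
         {"av_running": True},
         frozenset({"intranet", "mail"})),
    Zone("untrusted", frozenset({"employee", "contractor", "guest"}),
         {},
         frozenset({"webmail"})),
]

def determine_zone(role, results):
    """Return the first zone whose role and posture requirements are all met.

    `role` is the authenticated identity's role (None if authentication
    failed); `results` is the dict reported by the interrogator agent.
    A missing key or a value of the wrong type fails that zone's check,
    so incomplete interrogation results can only lower the zone.
    """
    if role is None:
        return None
    for zone in ZONES:
        if role not in zone.roles:
            continue
        # Identity comparison: the string "true" or the integer 1 is not True.
        if all(results.get(key) is want for key, want in zone.required.items()):
            return zone
    return None

def authorize(role, results, resource):
    """Grant access only if the resource is associated with the determined zone."""
    zone = determine_zone(role, results)
    return zone is not None and resource in zone.resources
```
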
16 Claims
1. A method of controlling access to requested resources at a remote computer, the method comprising:
- authenticating an identity of a user of the remote computer;
- providing an interrogator agent for installation onto the remote computer;
- receiving interrogation results concerning the operating environment of the remote computer from the interrogator agent;
- determining a zone of trust from a plurality of zones of trust based on the authenticated identity of the user and the received interrogation results, each zone of trust being associated with a set of resources; and
- authorizing access to a requested resource based on an association with the determined zone of trust.

5. A method of controlling an end point computer's access to a resource, the method comprising:
- receiving a request for a resource from a remote computer;
- providing a first interrogator agent for installation onto the remote computer based on the received request;
- receiving first interrogation results produced by the first interrogator agent;
- identifying one or more security process objects corresponding to the received interrogation results;
- providing for installation of the identified security process object onto the remote computer;
- authenticating an identity of a user of the remote computer;
- providing for installation of a second interrogator agent onto the remote computer based on the authenticated identity of the user;
- receiving second interrogation results produced by the second interrogator agent;
- assigning the remote computer to a zone of trust from a plurality of zones of trust based upon the first interrogation results and the second interrogation results, each zone of trust being associated with a set of resources; and
- authorizing the remote computer with access to the requested resource based upon the assigned zone of trust.

9. A method of provisioning a remote computer, comprising:
- receiving a communication from a remote computer, the communication including an authenticated identity of a user of the remote computer;
- providing at least one interrogator agent for installation onto the remote computer, the at least one interrogator agent being based on the identity of the user of the remote computer;
- receiving interrogation results concerning the remote computer from the at least one interrogator agent;
- identifying a portfolio of one or more process objects that may be supported by an operating environment of the remote computer based upon the interrogation results; and
- providing the identified portfolio of one or more process objects for use in provisioning the remote computer to access a requested resource.

13. A method of performing an activity based upon an operating environment of a remote computer, comprising:
- providing an interrogator agent for installation onto the remote computer;
- receiving interrogation results concerning the remote computer from the interrogator agent;
- assigning a zone of trust from a plurality of zones of trust to the remote computer based upon an authenticated identity of a user of the remote computer and the received interrogation results, each zone of trust being associated with an action; and
- performing the action associated with the determined zone of trust.

15. A server system for provisioning a client computer, the system comprising:
- an access server configured to receive communications from a client computer, the communications including an authenticated identity of a user of the client computer;
- a provisioning server configured to provide at least one interrogator agent for installation onto a client computer communicating with the access server; and
- an end point control server configured to assign a zone of trust from a plurality of zones of trust to the client computer based upon the authenticated user identity and the interrogation results provided by the at least one interrogator agent, each zone of trust being associated with a set of resources.

Specification