Opaque quarantine and device discovery
First Claim
1. A computing system comprising:
- a processor and computer storage;
- an access control component to control access to system services and data using a number of access states including a blocked state, an allowed state, a device discovery state, and a quarantined state by:
  - receiving a service request including device parameters from a device requesting the system services and data;
  - associating a synchronization time with the service request;
  - blocking the device from the system services and data using the blocked state if a trust level is less than a requisite trust level required by the computing system;
  - allowing the device to access and use the system services and data using the allowed state if the trust level is greater than or equal to the requisite trust level;
  - artificially quarantining the device using the device discovery state if recently introduced to the computing system including temporarily delaying access and use of the system services and data while determining the trust level of the device;
  - quarantining the device to prevent access and use of the system services and data using the quarantined state if the trust level of the device is unknown, the quarantining including providing quarantine data to the device without providing the requested services and data to the device; and
  - storing the access state of the device in the computer storage.
2 Assignments
0 Petitions
Abstract
Embodiments described herein provide communication control features and functionality, but are not so limited. In an embodiment, a computing environment includes an access control component that can use a number of access states to control access to computing data and/or services. In one embodiment, a server computer can control access to data and/or services using a number of access states including, but not limited to: an allowed state, a blocked state, a device discovery state, and/or a quarantined state. Other embodiments are available.
18 Citations
18 Claims
1. A computing system comprising:
- a processor and computer storage;
- an access control component to control access to system services and data using a number of access states including a blocked state, an allowed state, a device discovery state, and a quarantined state by:
  - receiving a service request including device parameters from a device requesting the system services and data;
  - associating a synchronization time with the service request;
  - blocking the device from the system services and data using the blocked state if a trust level is less than a requisite trust level required by the computing system;
  - allowing the device to access and use the system services and data using the allowed state if the trust level is greater than or equal to the requisite trust level;
  - artificially quarantining the device using the device discovery state if recently introduced to the computing system including temporarily delaying access and use of the system services and data while determining the trust level of the device;
  - quarantining the device to prevent access and use of the system services and data using the quarantined state if the trust level of the device is unknown, the quarantining including providing quarantine data to the device without providing the requested services and data to the device; and
  - storing the access state of the device in the computer storage.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
13. A method of controlling synchronization operations associated with synchronization services within a computing environment comprising:
- controlling access to the synchronization services based in part on mobile client request parameters received from a number of mobile clients by using a number of access states including a blocked state, an allowed state, a device discovery state, and a quarantined state, the controlling access including:
  - assigning the blocked state to each untrustworthy mobile client to block access to the computing environment;
  - assigning the allowed state to each trustworthy mobile client to allow access to the computing environment including using the synchronization services;
  - assigning the device discovery state to each new mobile client to the computing environment, including controlling an amount of time from which to transition from the device discovery state to another access state; and
  - assigning the quarantined state to each unknown mobile client to delay normal synchronization operations of each unknown mobile client while communicating modified synchronization data customized to a communication request of each unknown mobile client; and
- storing each access state for each mobile client in computer storage.
- View Dependent Claims (14, 15)
16. Computer storage device which stores instructions that control access to synchronization data by:
- receiving synchronization requests including user access and device parameters from requesting computing devices requesting synchronization data;
- assigning a synchronization creation time to each synchronization request;
- using a number of access control states including a blocked state, an allowed state, a device discovery state, and a quarantined state;
- blocking an unapproved computing device from accessing the requested synchronization data and using the blocked state to identify that the unapproved computing device is blocked and unapproved;
- allowing an approved computing device to access the requested synchronization data and using the allowed state to identify that the approved computing device is allowed and approved;
- using the device discovery state to artificially quarantine a recently introduced computing device that includes temporarily delaying access and use of services and data while determining a trust level of the recently introduced computing device;
- quarantining an unidentified computing device having an undetermined trust level to prevent access of the synchronization data including using the quarantined state to identify that a trust level for the unidentified computing device is being determined, the quarantining including returning empty data to the unidentified computing device corresponding to the requested synchronization data to maintain a synchronization protocol; and
- storing each state of each computing device and a reason for each state.
- View Dependent Claims (17, 18)
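
The four access states recited in claims 1, 13 and 16 can be read as a small decision procedure. The sketch below is an added example, not code from the patent or its assignee; the evaluation order, the `discovery_window` parameter, the integer trust scale and the response fields are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class AccessState(Enum):
    BLOCKED = "blocked"
    ALLOWED = "allowed"
    DEVICE_DISCOVERY = "device_discovery"
    QUARANTINED = "quarantined"

@dataclass
class DeviceRecord:
    first_seen: float   # when the device was first introduced
    state: AccessState
    reason: str         # claim 16 stores a reason alongside each state

class AccessControl:
    def __init__(self, requisite_trust: int, discovery_window: float):
        self.requisite_trust = requisite_trust
        self.discovery_window = discovery_window  # seconds (assumed policy knob)
        self.store = {}  # device_id -> DeviceRecord, stands in for computer storage

    def evaluate(self, device_id: str, trust: Optional[int], now: float) -> DeviceRecord:
        prior = self.store.get(device_id)
        first_seen = prior.first_seen if prior else now
        # Assumed precedence: discovery, then unknown trust, then the threshold test.
        if now - first_seen < self.discovery_window:
            state, reason = AccessState.DEVICE_DISCOVERY, "recently introduced"
        elif trust is None:
            state, reason = AccessState.QUARANTINED, "trust level unknown"
        elif trust < self.requisite_trust:
            state, reason = AccessState.BLOCKED, "trust below requisite level"
        else:
            state, reason = AccessState.ALLOWED, "trust meets requisite level"
        self.store[device_id] = DeviceRecord(first_seen, state, reason)
        return self.store[device_id]

    def handle_sync(self, device_id, trust, now, items):
        rec = self.evaluate(device_id, trust, now)
        resp = {"sync_time": now, "state": rec.state.value}  # time tied to the request
        if rec.state is AccessState.ALLOWED:
            resp.update(status="ok", items=list(items))
        elif rec.state is AccessState.BLOCKED:
            resp.update(status="denied", items=None)
        else:
            # Discovery and quarantine: a well-formed but empty reply keeps the
            # sync protocol intact without releasing the requested data.
            resp.update(status="ok", items=[])
        return resp
```

The empty-but-valid reply is the "opaque" part: a device in discovery or quarantine sees a successful sync with no items, so the client keeps working while its trust level is still undetermined.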
Specification