Network access control for cloud services
First Claim
Patent Images
1. A method, comprising:
- receiving, from a user device, a request to access a cloud service;
comparing, by a processor, a security status of the user device to a network access control policy for the cloud service, wherein the network access control policy defines a level of security specifying a set of security features for the user device based on a category of the user device, a category of information requested, and a category of the cloud service and specifies at least one condition, the condition comprising a presence of an updated version of a security agent on the user device;
determining that the user device does not include the updated version of the security agent as specified by the condition of the network access control policy;
determining an update to the security status of the user device that will cause the security status of the user device to satisfy the condition for future requests to access the cloud service;
redirecting the request to a security provider, the security provider to provide an updated version of the security agent to the user device in order to satisfy the condition of the network access control policy; and
upon determining that the security status of the user device satisfies the condition of the network access control policy granting the user device access to the cloud service.
2 Assignments
0 Petitions
Accused Products
Abstract
A cloud service access and information gateway receives, from a user device, a request to access a cloud service. The cloud service access and information gateway compares a security status of the user device to a network access control policy for the cloud service. If the security status satisfies a condition of the network access control policy, the cloud service access and information gateway grants the user device access to the cloud service. If the security status does not satisfy the condition of the network access control policy, the cloud service access and information gateway requests an update to the security status of the user device to satisfy the condition.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving, from a user device, a request to access a cloud service; comparing, by a processor, a security status of the user device to a network access control policy for the cloud service, wherein the network access control policy defines a level of security specifying a set of security features for the user device based on a category of the user device, a category of information requested, and a category of the cloud service and specifies at least one condition, the condition comprising a presence of an updated version of a security agent on the user device; determining that the user device does not include the updated version of the security agent as specified by the condition of the network access control policy; determining an update to the security status of the user device that will cause the security status of the user device to satisfy the condition for future requests to access the cloud service; redirecting the request to a security provider, the security provider to provide an updated version of the security agent to the user device in order to satisfy the condition of the network access control policy; and upon determining that the security status of the user device satisfies the condition of the network access control policy granting the user device access to the cloud service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system, comprising:
-
a memory; and a processor coupled with the memory to; receive, from a user device, a request to access a cloud service; compare a security status of the user device to a network access control policy for the cloud service, wherein the network access control policy defines a level of security specifying a set of security features for the user device based on a category of the user device, a category of information requested, and a category of the cloud service and specifies at least one condition, the condition comprising a presence of an updated version of a security agent on the user device; determine that the user device does not include the updated version of the security agent as specified by the condition of the network access control policy; determine an update to the security status of the user device that will cause the security status of the user device to satisfy the condition for future requests to access the cloud service; redirect the request to a security provider, the security provider to provide an updated version of the security agent to the user device in order to satisfy the condition of the network access control policy; and upon determining that the security status of the user device satisfies the condition of the network access control policy, grant the user device access to the cloud service. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable storage medium including instructions that, when executed by a processor, cause the processor to perform operations comprising:
-
receiving, from a user device, a request to access a cloud service; comparing, by a processor, a security status of the user device to a network access control policy for the cloud service, wherein the network access control policy defines a level of security specifying a set of security features for the user device based on a category of the user device, a category of information requested, and a category of the cloud service and specifies at least one condition, the condition comprising a presence of an updated version of a security agent on the user device; determining that the user device does not include the updated version of the security agent as specified by the condition of the network access control policy; determining an update to the security status of the user device that will cause the security status of the user device to satisfy the condition for future requests to access the cloud service; redirecting the request to a security provider, the security provider to provide an updated version of the security agent to the user device in order to satisfy the condition of the network access control policy; and upon determining that the security status of the user device satisfies the condition of the network access control policy, granting the user device access to the cloud service. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification