Method and aparatus for presence based resource management
First Claim
1. A method of reducing risk associated with a computer that may be infected with a malicious application comprising:
- receiving, from the computer over a network, first presence data indicating a first interactivity level of more than two interactivity levels of a logged in user of the computer;
receiving a first network request by the logged in user from the computer for first resources external to the computer;
executing instructions on computer hardware to determine a first resource control policy to apply to the first network request by the logged in user for the first resources external to the computer based on the first interactivity level;
executing instructions on computer hardware to apply the first resource control policy to the first request for resources;
receiving, from the computer over the network, second presence data indicating a different second interactivity level of the more than two interactivity levels of the logged in user of the computer;
receiving a second network request by the logged in user from the computer for second resources external to the computer;
executing instructions on computer hardware to determine a second resource control policy to apply to the second network request by the logged in user for the second resources external to the computer based on the second interactivity level; and
executing instructions on computer hardware to apply the second policy to the second request.
14 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus provide resource authorization based on a computer'"'"'s presence information. Presence information may include information relating to a computer'"'"'s operating environment. In some implementations, a presence detector on a computer determines presence information and provides the information to a resource manager. The computer may then generate a resource access request. A resource manager may then determine whether the resource request is authorized based, at least in part, on the presence information. The resource manager then responds to the resource access request, either granting or denying the request for resources.
-
Citations
27 Claims
-
1. A method of reducing risk associated with a computer that may be infected with a malicious application comprising:
-
receiving, from the computer over a network, first presence data indicating a first interactivity level of more than two interactivity levels of a logged in user of the computer; receiving a first network request by the logged in user from the computer for first resources external to the computer; executing instructions on computer hardware to determine a first resource control policy to apply to the first network request by the logged in user for the first resources external to the computer based on the first interactivity level; executing instructions on computer hardware to apply the first resource control policy to the first request for resources; receiving, from the computer over the network, second presence data indicating a different second interactivity level of the more than two interactivity levels of the logged in user of the computer; receiving a second network request by the logged in user from the computer for second resources external to the computer; executing instructions on computer hardware to determine a second resource control policy to apply to the second network request by the logged in user for the second resources external to the computer based on the second interactivity level; and executing instructions on computer hardware to apply the second policy to the second request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An apparatus for reducing risk associated with a computer that may be infected with a malicious application, comprising:
-
a memory; a processor, configured to fetch instructions from the memory; and a network interface, operatively coupled to the processor, wherein the memory stores; a presence management module, configured to cause the processor to receive first and second presence data comprising indications of different interactivity levels of a logged in user from the user'"'"'s computer over a network via the network interface, wherein each of the first and second presence data indicates one of more than two interactivity levels, a URL filtering interface module, configured to cause the processor to receive first and second URL access requests including corresponding first and second requested URLs, a URL categorization module, configured to cause the processor to determine one or more URL categories for each of the requested URLs, a policy determination module, configured to cause the processor to determine a policy to apply to each of the requested URLs based, at least in part, on a different received interactivity level of the logged in user, and a policy application module, configured to cause the processor to authorize or not authorize access to each of the requested URLs by the computer based, at least in part, on the determined policy for that URL and the one or more URL categories corresponding to the URL. - View Dependent Claims (22, 23)
-
-
24. An apparatus for reducing risk associated with a computer that may be infected with a malicious application, comprising:
-
means for communicating over a network; means for receiving a plurality of indications of different interactivity levels of a logged in user from the user'"'"'s computer via the communicating means, each indication indicating one of more than two interactivity levels; means for receiving a network request from the user'"'"'s computer for resources via the communication means; and means for applying a resource control policy to the received network request based on at least one of the received interactivity levels. - View Dependent Claims (25)
-
-
26. A non-transitory computer readable medium, storing instructions that when executed by a processor perform a method of reducing risk associated with a computer that may be infected with a malicious application, the method comprising:
-
receiving a plurality of indications of different interactivity levels of a logged in user from the user'"'"'s computer over a network, each indication indicating one of more than two interactivity levels; receiving a network request from the user'"'"'s computer for resources; and applying a resource control policy based on at least one of the received interactivity levels of the logged in user. - View Dependent Claims (27)
-
Specification