Approach for managing access to data on client devices
First Claim
1. A computer-readable medium for managing access to a particular electronic document, the computer-readable medium storing instructions which, when processed by one or more processors, causes:
- a device management system receiving, from a client device, a request to access a particular electronic document;
determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices based at least in part on a user authentication level;
determining, based upon the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices, that user authentication is required to download the particular electronic document to the client device;
in response to determining that user authentication is required to download the particular electronic document to the client device, determining whether a user of the client device is authorized to download the particular electronic document based at least in part on the user authentication level of the user of the client device;
in response to determining that the user of the client device is authorized to download the particular electronic document;
determining one or more attributes of the client device to which the particular electronic document is to be downloaded,determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device,determining, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices based at least in part on the user authentication level of the user of the one or more other devices, andin response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device and, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices and enforce the plurality of policies on the one or more other devices based, at least in part, on the user authentication level of the user of the one or more other devices, then providing the particular electronic document to the client device.
1 Assignment
0 Petitions
Accused Products
Abstract
A device management system is configured to manage access to electronic documents on client devices using policies. The policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices for example, particular hardware and software configurations that are required at client devices before data is permitted to be downloaded to those client devices. The policies may also specify other requirements that must be satisfied before data is permitted to be downloaded to those client devices, for example, user authentication.
-
Citations
20 Claims
-
1. A computer-readable medium for managing access to a particular electronic document, the computer-readable medium storing instructions which, when processed by one or more processors, causes:
-
a device management system receiving, from a client device, a request to access a particular electronic document; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices based at least in part on a user authentication level; determining, based upon the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices, that user authentication is required to download the particular electronic document to the client device; in response to determining that user authentication is required to download the particular electronic document to the client device, determining whether a user of the client device is authorized to download the particular electronic document based at least in part on the user authentication level of the user of the client device; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device, determining, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices based at least in part on the user authentication level of the user of the one or more other devices, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device and, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices and enforce the plurality of policies on the one or more other devices based, at least in part, on the user authentication level of the user of the one or more other devices, then providing the particular electronic document to the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus for managing access to a particular electronic document, the apparatus including a memory storing instructions which, when processed by one or more processors, cause:
-
a device management system receiving, from a client device, a request to access a particular electronic document; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; determining, based upon the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices, that user authentication is required to download the particular electronic document to the client device; in response to determining that user authentication is required to download the particular electronic document to the client device, determining whether a user of the client device is authorized to download the particular electronic document; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device, determining, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices based at least in part on the user authentication level of the user of the one or more other devices, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device and, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices and enforce the plurality of policies on the one or more other devices based, at least in part, on the user authentication level of the user of the one or more other devices, then providing the particular electronic document to the client device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-implemented method for managing access to a particular electronic document, the computer-implemented method comprising:
-
a device management system receiving, from a client device, a request to access a particular electronic document; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices based at least in part on a user authentication level; determining, based upon the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices, that user authentication is required to download the particular electronic document to the client device; in response to determining that user authentication is required to download the particular electronic document to the client device, determining whether a user of the client device is authorized to download the particular electronic document based at least in part on the user authentication level of the user of the client device; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device, determining, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices based at least in part on the user authentication level of the user of the one or more other devices, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document on the client device and, based upon one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to determine a user authentication level of a user of one or more other devices and enforce the plurality of policies on the one or more other devices based, at least in part, on the user authentication level of the user of the one or more other devices, then providing the particular electronic document to the client device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification