Dynamic access control
First Claim
1. A method for securing data and computer systems, comprising:
- receiving, at an intermediary network device, a request from a first client device to connect to a server;
- verifying, by the intermediary network device, an identity of the server;
- detecting, at the intermediary network device, that the server uses a one-time password (OTP) protocol, wherein detecting that the server uses an OTP protocol comprises comparing the identity of the server with a list of information identifying a plurality of servers that use the OTP protocol and associated user-defined policy protocol; and
- performing, by the intermediary network device, an action according to the user-defined policy protocol based at least in part on the detecting, wherein performing the action comprises at least one of:
  - blocking, at the intermediary network device, a first connection between the first client device and a first computing device other than the server, the first computing device connected to the first client device via the intermediary network device; and
  - allowing, at the intermediary network device, a second connection between the first client device and a second computing device other than the server, the second computing device connected to the first client device via the intermediary network device.
Abstract
A computer-implemented method for securing data and computer systems is described. In one embodiment, a request to connect to a server is received at an intermediary network device. It is detected, at the intermediary network device, that the server uses a one-time password (OTP) protocol. Based at least in part on the detecting that the server uses an OTP protocol, an action is performed by the intermediary network device. The action may include blocking, at the intermediary network device, a connection other than the connection to the server that uses the OTP protocol.
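The decision logic the abstract and claim 1 describe (verify the server's identity, compare it against a list of OTP-using servers with an attached policy, then block or allow a client's other connections) can be modelled as a small policy engine. The following is an added example written for this page, not code from the patent or its assignee; the pinned identities, the OTP server list, the per-server allow sets and the "session" bookkeeping are all constructed assumptions, and a real intermediary would derive the identity from a certificate rather than a string fingerprint.

```python
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple

# Constructed sample data (assumption, not from the patent): the identity the
# intermediary has pinned for each server, e.g. a certificate fingerprint.
PINNED_IDENTITIES: Dict[str, str] = {
    "bank.example.com": "fp-bank-0001",
    "vpn.example.org": "fp-vpn-0002",
    "cdn.example.net": "fp-cdn-0003",
    "chat.example.com": "fp-chat-0004",
}

# Constructed list of servers that use an OTP protocol, each with a
# user-defined policy: the other destinations a client may still reach while
# it has a connection open to that OTP server (everything else is blocked).
OTP_SERVER_POLICIES: Dict[str, Set[str]] = {
    "bank.example.com": {"cdn.example.net"},
    "vpn.example.org": set(),
}


@dataclass
class Intermediary:
    """Toy model of the intermediary network device in the claim."""
    pinned: Dict[str, str]
    otp_policies: Dict[str, Set[str]]
    # client -> OTP server the client currently has a session with
    otp_sessions: Dict[str, str] = field(default_factory=dict)

    def verify_identity(self, server: str, presented_fp: str) -> bool:
        """Claim step: verify the identity of the requested server."""
        return self.pinned.get(server) == presented_fp

    def uses_otp(self, server: str) -> bool:
        """Claim step: compare the verified identity with the OTP server list."""
        return server in self.otp_policies

    def handle_request(self, client: str, server: str,
                       presented_fp: str) -> Tuple[str, str]:
        """Return ('allow' | 'block', reason) for a client's connect request."""
        if not self.verify_identity(server, presented_fp):
            # An unverifiable server must neither open an OTP session nor
            # be reachable under an OTP-session policy.
            return ("block", "identity-unverified")
        if self.uses_otp(server):
            # The connection to the OTP server itself is allowed; remember it
            # so the client's other connections are policed while it is open.
            self.otp_sessions[client] = server
            return ("allow", "otp-server")
        otp_server = self.otp_sessions.get(client)
        if otp_server is None:
            return ("allow", "no-otp-session")
        # Apply the user-defined policy attached to the OTP server in use.
        if server in self.otp_policies[otp_server]:
            return ("allow", f"policy:{otp_server}")
        return ("block", f"policy:{otp_server}")

    def end_session(self, client: str) -> None:
        """Clear the client's OTP session, e.g. when that connection closes."""
        self.otp_sessions.pop(client, None)


if __name__ == "__main__":
    mid = Intermediary(PINNED_IDENTITIES, OTP_SERVER_POLICIES)
    for client, server, fp in [
        ("c1", "chat.example.com", "fp-chat-0004"),
        ("c1", "bank.example.com", "fp-bank-0001"),
        ("c1", "chat.example.com", "fp-chat-0004"),
        ("c1", "cdn.example.net", "fp-cdn-0003"),
        ("c1", "bank.example.com", "wrong-fingerprint"),
    ]:
        print(client, "->", server, mid.handle_request(client, server, fp))
```

Per-client state is the point of the model: the same destination (chat.example.com) is allowed before the OTP session and blocked during it, while a destination on the OTP server's allow set stays reachable, and a second client with no OTP session is unaffected.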
Claims (20 claims; 21 citations)
1. A method for securing data and computer systems (independent claim 1 is reproduced in full under First Claim above). View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 19)

10. A computing device configured for securing data and computer systems, comprising:
- a processor;
- memory in electronic communication with the processor;
- instructions stored in the memory, the instructions being executable by the processor to:
  - receive, at an intermediary network device, a request from a first client device to connect to a server;
  - verify, by the intermediary network device, an identity of the server;
  - detect, at the intermediary network device, that the server uses a one-time password (OTP) protocol, wherein detecting that the server uses an OTP protocol comprises comparing the identity of the server with a list of information identifying a plurality of servers that use the OTP protocol and associated user-defined policy protocol; and
  - perform, by the intermediary network device, an action according to the user-defined policy protocol based at least in part on the detecting, wherein performing the action comprises at least one of:
    - blocking, at the intermediary network device, a first connection between the first client device and a first computing device other than the server, the first computing device connected to the first client device via the intermediary network device; and
    - allowing, at the intermediary network device, a second connection between the first client device and a second computing device other than the server, the second computing device connected to the first client device via the intermediary network device.
View Dependent Claims (11, 12, 13, 14, 20)

15. A computer-program product for securing data and computer systems, by a processor, the computer-program product comprising a non-transitory computer-readable medium storing instructions thereon, the instructions being executable by the processor to:
- receive, at an intermediary network device, a request from a first client device to connect to a server;
- verify, by the intermediary network device, an identity of the server;
- detect, at the intermediary network device, that the server uses a one-time password (OTP) protocol, wherein detecting that the server uses an OTP protocol comprises comparing the identity of the server with a list of information identifying a plurality of servers that use the OTP protocol and associated user-defined policy protocol; and
- perform, by the intermediary network device, an action according to the user-defined policy protocol based at least in part on the detecting, wherein performing the action comprises at least one of:
  - blocking, at the intermediary network device, a first connection between the first client device and a first computing device other than the server, the first computing device connected to the first client device via the intermediary network device; and
  - allowing, at the intermediary network device, a second connection between the first client device and a second computing device other than the server, the second computing device connected to the first client device via the intermediary network device.
View Dependent Claims (16, 17, 18)
Specification