Remote access to resources over a network
First Claim
1. A method for controlling access to a set of resource in a network, the method comprising:
- assigning one or more zones of trust for each respective remotely hosted resource, wherein each of the assigned one or more zones of trust corresponds to one or more policies that identifies authorized users and authorized client operating environments that may access a particular remotely hosted resource,
- executing instructions stored in memory, wherein the instructions are executed by a processor to;
authenticate a user to determine if the user is among the identified authorized users, wherein the user is requesting access to a particular remotely hosted resource via a computing device having a user client operating environment,
characterize the user client operating environment, wherein the characterization is performed using an interrogation agent, and wherein the characterization includes;
identifying provisioning objects currently stored on the user computing device, and
comparing the identified provisioning objects currently on the user computing device with a list of provisioning objects that would be needed before access to the remotely hosted resource is authorized, wherein the comparison is based on the authenticated identity of the user and the characterized user client operating environment, and
installing one or more missing provisioning objects to the user computing device when the comparison indicates that the user computing device lacks the one or more missing provisioning objects, wherein the installation places the user computing device in compliance with the assigned one or more zones of trust for the particular remotely hosted resource; and
providing the requested remotely hosted resource to the user at the user computing device.
Abstract
Systems and techniques are provided for controlling requests for resources from remote computers. A remote computer's ability to access a resource is determined based upon the computer's operating environment. The computer or computers responsible for controlling access to a resource will interrogate the remote computer to ascertain its operating environment. The computer or computers responsible for controlling access to a resource may, for example, download one or more interrogator agents onto the remote computer to determine its operating environment. Based upon the interrogation results, the computer or computers responsible for controlling access to a resource will control the remote computer's access to the requested resource.
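The decision flow described in the abstract and in claim 1 (authenticate, characterize the client, compare provisioning objects, install what is missing, then grant) can be sketched as follows. This is an added illustration, not code from the patent or from any product; the zone names, users, provisioning objects and the `install` callback are hypothetical, and the interrogation result is passed in as constructed data.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class ZonePolicy:
    users: frozenset   # authorized users
    required: dict     # authorized client environment -> required provisioning objects

@dataclass
class Report:
    """Result of the interrogation agent's characterization (constructed)."""
    environment: str
    objects: set = field(default_factory=set)

# Constructed sample policy; every name here is hypothetical.
ZONES = {
    "managed": ZonePolicy(frozenset({"alice"}),
                          {"windows": {"av-agent", "vpn-client"}}),
    "byod": ZonePolicy(frozenset({"alice", "bob"}),
                       {"windows": {"cache-cleaner"}, "macos": {"cache-cleaner"}}),
}
# Each resource is assigned one or more zones of trust.
RESOURCE_ZONES = {"hr-portal": ["managed"], "wiki": ["managed", "byod"]}

def request_access(user, authenticated, resource, report, install):
    """Return (granted, zone, installed_objects) for one access request."""
    if not authenticated:
        return False, None, []
    for zone in RESOURCE_ZONES.get(resource, []):
        policy = ZONES[zone]
        required = policy.required.get(report.environment)
        # Both the identity and the environment must be authorized in this zone.
        if user not in policy.users or required is None:
            continue
        installed = []
        for obj in sorted(required - report.objects):
            if not install(obj):
                break  # device stays out of compliance with this zone
            report.objects.add(obj)
            installed.append(obj)
        else:
            # Nothing missing, or everything missing was installed: compliant.
            return True, zone, installed
    return False, None, []
```

An environment that no zone lists is denied without any installation attempt, because provisioning cannot make an unauthorized environment compliant.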
20 Claims
1. A method for controlling access to a set of resource in a network, the method comprising:
assigning one or more zones of trust for each respective remotely hosted resource, wherein each of the assigned one or more zones of trust corresponds to one or more policies that identifies authorized users and authorized client operating environments that may access a particular remotely hosted resource, executing instructions stored in memory, wherein the instructions are executed by a processor to; authenticate a user to determine if the user is among the identified authorized users, wherein the user is requesting access to a particular remotely hosted resource via a computing device having a user client operating environment, characterize the user client operating environment, wherein the characterization is performed using an interrogation agent, and wherein the characterization includes; identifying provisioning objects currently stored on the user computing device, and comparing the identified provisioning objects currently on the user computing device with a list of provisioning objects that would be needed before access to the remotely hosted resource is authorized, wherein the comparison is based on the authenticated identity of the user and the characterized user client operating environment, and installing one or more missing provisioning objects to the user computing device when the comparison indicates that the user computing device lacks the one or more missing provisioning objects, wherein the installation places the user computing device in compliance with the assigned one or more zones of trust for the particular remotely hosted resource; and providing the requested remotely hosted resource to the user at the user computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
8. A non-transitory computer readable storage medium having embodied thereon a program executable by a processor for performing a method for controlling access to a set of resource in a network, the method comprising:
assigning one or more zones of trust for each respective remotely hosted resource, wherein each of the assigned one or more zones of trust corresponds to one or more policies that identifies authorized users and authorized client operating environments that may access a particular remotely hosted resource, authenticating a user to determine if the user is among the identified authorized users, wherein the user is requesting access to a particular remotely hosted resource via a computing device having a user client operating environment, characterizing the user client operating environment, wherein the characterization is performed using an interrogation agent, and the characterization includes; identifying provisioning objects currently stored on the user computing device, and comparing the identified provisioning objects currently on the user computing device with a list of provisioning objects that would be needed before access to the remotely hosted resource is authorized, wherein the comparison is based on the authenticated identity of the user and the characterized user client operating environment, and installing one or more missing provisioning objects to the user computing device when the comparison indicates that the user computing device lacks the one or more missing provisioning objects, wherein the installation places the user computing device in compliance with the assigned one or more zones of trust for the particular remotely hosted resource; and providing the requested remotely hosted resource to the user at the user computing device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
15. An apparatus for controlling access to a set of resource in a network, the apparatus comprising:
a memory; a processor, wherein the execution of instructions out of the memory by the processor; assigns one or more zones of trust for each respective remotely hosted resource, wherein each of the assigned one or more zones of trust corresponds to one or more policies that identifies authorized users and authorized client operating environments that may access a particular remotely hosted resource, authenticates a user to determine if the user is among the identified authorized users, wherein the user is requesting access to a particular remotely hosted resource via a computing device having a user client operating environment, characterizes the user client operating environment, wherein the characterization is performed using an interrogation agent, and wherein the characterization includes; identifying provisioning objects currently stored on the user computing device, and comparing the identified provisioning objects currently on the user computing device with a list of provisioning objects that would be needed before access to the remotely hosted resource is authorized, wherein the comparison is based on the authenticated identity of the user and the characterized user client operating environment, and installs one or more missing provisioning objects to the user computing device when the comparison indicates that the user computing device lacks the one or more missing provisioning objects, wherein the installation places the user computing device in compliance with the assigned one or more zones of trust for the particular remotely hosted resource, and a communication interface that provides the requested remotely hosted resource to the user at the user computing device. - View Dependent Claims (16, 17, 18, 19, 20)