Approach for managing access to data on client devices
First Claim
1. A non-transitory computer-readable medium for managing access to a particular electronic document, the computer-readable medium storing instructions which, when processed by one or more processors, causes:
- a device management system receiving, from a client device a request to access a particular electronic document, user identification information, and device identification information;
determining, from the user identification information and device identification information that a user of the client device is a registered owner of the client device;
determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices;
in response to determining the one or more policies that specify the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices;
determining, based on the user identification information, a status of the user of the client device from stored personnel information, anddetermining, based on the status of the user of the client device and the one or more policies that apply to the particular electronic document, whether the user of the client device is authorized to download the particular electronic document;
in response to determining that the user of the client device is authorized to download the particular electronic document;
determining one or more attributes of the client device to which the particular electronic document is to be downloaded,determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, andin response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, then providing the particular electronic document to the client device.
1 Assignment
0 Petitions
Accused Products
Abstract
A device management system is configured to manage access to electronic documents on client devices using policies. The policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices for example, particular hardware and software configurations that are required at client devices before data is permitted to be downloaded to those client devices. The policies may also specify other requirements that must be satisfied before data is permitted to be downloaded to those client devices, for example, user authentication.
114 Citations
20 Claims
-
1. A non-transitory computer-readable medium for managing access to a particular electronic document, the computer-readable medium storing instructions which, when processed by one or more processors, causes:
-
a device management system receiving, from a client device a request to access a particular electronic document, user identification information, and device identification information; determining, from the user identification information and device identification information that a user of the client device is a registered owner of the client device; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; in response to determining the one or more policies that specify the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; determining, based on the user identification information, a status of the user of the client device from stored personnel information, and determining, based on the status of the user of the client device and the one or more policies that apply to the particular electronic document, whether the user of the client device is authorized to download the particular electronic document; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, then providing the particular electronic document to the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus for managing access to a particular electronic document, the apparatus including a memory storing instructions which, when processed by one or more processors, cause:
-
a device management system receiving, from a client device a request to access a particular electronic document, user identification information, and device identification information; determining, from the user identification information and device identification information that a user of the client device is a registered owner of the client device; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; in response to determining the one or more policies that specify the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; determining, based on the user identification information, a status of the user of the client device from stored personnel information, and determining, based on the status of the user of the client device and the one or more policies that apply to the particular electronic document, whether the user of the client device is authorized to download the particular electronic document; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, then providing the particular electronic document to the client device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-implemented method for managing access to a particular electronic document, the computer-implemented method comprising:
-
a device management system receiving, from a client device a request to access a particular electronic document, user identification information, and device identification information; determining, from the user identification information and device identification information that a user of the client device is a registered owner of the client device; determining, from a plurality of policies, one or more policies that apply to the particular electronic document, wherein the one or more policies specify one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; in response to determining the one or more policies that specify the one or more download and processing restrictions to be enforced with respect to the particular electronic document at client devices; determining, based on the user identification information, a status of the user of the client device from stored personnel information, and determining, based on the status of the user of the client device and the one or more policies that apply to the particular electronic document, whether the user of the client device is authorized to download the particular electronic document; in response to determining that the user of the client device is authorized to download the particular electronic document; determining one or more attributes of the client device to which the particular electronic document is to be downloaded, determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, whether the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, and in response to determining, based upon the one or more attributes of the client device to which the particular electronic document is to be downloaded, that the client device is currently configured to enforce the one or more download and processing restrictions with respect to the particular electronic document, then providing the particular electronic document to the client device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification