Rule-based application access management
First Claim
Patent Images
1. A method comprising:
- providing a requestor at a streaming client access to a first resource of a streaming software application executing in a streaming software container and at least partially virtualized at the streaming client;
receiving at the streaming software container a request, from the requestor, for accessing a second resource of the streaming software application based on requestor interaction with the executing of the streaming software application in the streaming software container using the first resource of the streaming software application;
determining whether the second resource of the streaming software application is in the streaming software container at the streaming client;
if it is determined the second resource of the streaming software application is absent from the streaming software container at the streaming client, sending a block request for blocks of the streaming software application corresponding to the second resource of the streaming software application to a streaming server;
receiving the second resource at the streaming software container from the streaming server in response to the block request for the second resource;
providing the requestor access to the second resource of the streaming software application in the streaming software container for use in continuing execution of the streaming software application at least partially virtualized at the streaming client;
making a rule-based determination of whether to grant the requestor access to the second resource based on an identification of the requestor;
providing the requestor access to the second resource if it is determined to grant the requestor access to the second resource.
2 Assignments
0 Petitions
Accused Products
Abstract
A container that manages access to protected resources using rules to intelligently manage them includes an environment having a set of software and configurations that are to be managed. A rule engine, which executes the rules, may be called reactively when software accesses protected resources. The engine uses a combination of embedded and configurable rules. It may be desirable to assign and manage rules per process, per resource (e.g. file, registry, etc.), and per user. Access rules may be altitude-specific access rules.
249 Citations
20 Claims
-
1. A method comprising:
-
providing a requestor at a streaming client access to a first resource of a streaming software application executing in a streaming software container and at least partially virtualized at the streaming client; receiving at the streaming software container a request, from the requestor, for accessing a second resource of the streaming software application based on requestor interaction with the executing of the streaming software application in the streaming software container using the first resource of the streaming software application; determining whether the second resource of the streaming software application is in the streaming software container at the streaming client; if it is determined the second resource of the streaming software application is absent from the streaming software container at the streaming client, sending a block request for blocks of the streaming software application corresponding to the second resource of the streaming software application to a streaming server; receiving the second resource at the streaming software container from the streaming server in response to the block request for the second resource; providing the requestor access to the second resource of the streaming software application in the streaming software container for use in continuing execution of the streaming software application at least partially virtualized at the streaming client; making a rule-based determination of whether to grant the requestor access to the second resource based on an identification of the requestor; providing the requestor access to the second resource if it is determined to grant the requestor access to the second resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
at least one processor and memory configured to store instructions to instruct the at least one processor to; provide a requestor at a streaming client access to a first resource of a streaming software application executing in a streaming software container and at least partially virtualized at the streaming client; receive at the streaming software container a request, from the requestor, for accessing a second resource of the streaming software application based on requestor interaction with the executing of the streaming software application in the streaming software container using the first resource of the streaming software application; determine whether the second resource of the streaming software application is in the streaming software container at the streaming client; send a block request for blocks of the streaming software application corresponding to the second resource of the streaming software application to a streaming server, if it is determined the second resource of the streaming software application is absent from the streaming software container at the streaming client; receive the second resource at the streaming software container from the streaming server in response to the block request for the second resource; provide the requestor access to the second resource of the streaming software application in the streaming software container for use in continuing execution of the streaming software application at least partially virtualized at the streaming client; make a rule-based determination of whether to grant the requestor access to the second resource based on an identification of the requestor; provide the requestor access to the second resource if it is determined to grant the requestor access to the second resource. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 19)
-
-
18. A system comprising:
a hardware processor to implement; means for providing a requestor at a streaming client access to a first resource of a streaming software application executing in a streaming software container and at least partially virtualized at the streaming client; means for receiving at the streaming software container a request, from the requestor, for accessing a second resource of the streaming software application based on requestor interaction with the executing of the streaming software application in the streaming software container using the first resource of the streaming software application; means for determining whether the second resource of the streaming software application is in the streaming software container at the streaming client; means for sending a block request for blocks of the streaming software application corresponding to the second resource of the streaming software application to a streaming server, if it is determined the second resource of the streaming software application is absent from the streaming software container at the streaming client; means for receiving the second resource at the streaming software container from the streaming server in response to the block request for the second resource; means for providing the requestor access to the second resource of the streaming software application in the streaming software container for use in continuing execution of the streaming software application at least partially virtualized at the streaming client; means for making a rule-based determination of whether to grant the requestor access to the second resource based on an identification of the requestor; means for providing the requestor access to the second resource if it is determined to grant the requestor access to the second resource. - View Dependent Claims (20)
Specification