Method and system for performing a security check
First Claim
Patent Images
1. A method performed by a server, the method comprising:
- receiving, based on receiving an indication of a uniform resource locator (URL) entered by a user of a remote device, an indication that the user is attempting to establish a session with the server;
using, by the server, the URL to retrieve a first authorization policy associated with the session from a first data structure;
causing, by the server, a first security checker, associated with the first authorization policy, to be executed on the remote device;
receiving, at the server, a user ID associated with the user;
identifying, by the server, a second authorization policy associated with the user ID;
determining, by the server device, that the second authorization policy is not the same as the first authorization policy;
causing, by the server, a second security checker, associated with the second authorization policy, to be executed on the remote device when the second authorization policy is not the same as the first authorization policy; and
determining, by the server, a level of access for the user based on a result of the execution of the first security checker or the second security checker.
11 Assignments
0 Petitions
Accused Products
Abstract
An access request is transmitted from a first device to a second device causing one or more security functions to be executed on the first device. Whether to grant the access request is based on a result of the executed one or more security functions.
14 Citations
14 Claims
-
1. A method performed by a server, the method comprising:
-
receiving, based on receiving an indication of a uniform resource locator (URL) entered by a user of a remote device, an indication that the user is attempting to establish a session with the server; using, by the server, the URL to retrieve a first authorization policy associated with the session from a first data structure; causing, by the server, a first security checker, associated with the first authorization policy, to be executed on the remote device; receiving, at the server, a user ID associated with the user; identifying, by the server, a second authorization policy associated with the user ID; determining, by the server device, that the second authorization policy is not the same as the first authorization policy; causing, by the server, a second security checker, associated with the second authorization policy, to be executed on the remote device when the second authorization policy is not the same as the first authorization policy; and determining, by the server, a level of access for the user based on a result of the execution of the first security checker or the second security checker. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
a server to; receive, based on receiving an indication of a uniform resource locator (URL) entered by a user of a remote device, an indication that the user is attempting to establish a session; retrieve, using the URL, a first authorization policy, associated with the session, from a first data structure; cause a first security checker, associated with the first authorization policy, to be executed on the remote device; receive a user ID associated with the user; identify a second authorization policy associated with the user ID; determine that the second authorization policy is not the same as the first authorization policy; cause a second security checker, associated with the second authorization policy, to be executed on the remote device when the second authorization policy is not the same as the first authorization policy; and determine a level of access for the user based on a result of the execution of the first security checker or the second security checker. - View Dependent Claims (7, 8, 9, 10)
-
11. A method comprising:
-
configuring, by a security system and based on an identity of a user attempting to access a remote device, a group of security modules to add one or more independently produced security modules, the security modules, of the group of security modules, each implementing one or more security functions that are to be executed on the remote device, the one or more independently produced security modules being produced by entities different than an entity that produced the security system, the group of security modules including; a package manifest section that includes a name of a provider of the security module, a security module section that includes an identification of one or more policies supported by the security module, and a security framework section that includes a program interface for the security module; transmitting, by the security system, the group of security modules to the remote device for execution of the one or more security functions implemented by the security modules at the remote device; and determining, by the security system, whether to grant, to the user access to the remote device based on a result of the executed one or more security functions. - View Dependent Claims (12, 13, 14)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneePulse Secure, LLC (Ivanti Software, Inc.)
-
Original AssigneeJuniper Networks Incorporated
-
InventorsTock, Theron, Egorov, Vadim, Srinivas, Sampath, Harding, Andrew R
-
Primary Examiner(s)Tabor, Amare F
-
Application NumberUS12/604,902Time in Patent Office1,278 DaysField of Search726/4, 726/25, 713/168US Class Current726/4CPC Class CodesH04L 63/20 for managing network securi...
