Rule-based application access management
First Claim
Patent Images
1. A method comprising:
- receiving, at a client device, a portion of a streaming software application executing at a remote location in a streaming software container;
executing the streaming software application virtualized at the client device using the portion of the streaming software application;
generating, at the client device, a request for an other portion of the streaming software application based on user interaction with the executing of the streaming software application at the client device using the portion of the streaming software application;
sending the request for the other portion of the streaming software application to the remote location;
intercepting the request for the other portion of the streaming software application at a DMZ;
determining if the request for the other portion of the streaming software application is associated with the DMZ;
if it is determined that the request for the other portion of the streaming software application in unaffiliated with the DMZ;
determining if rule-based access to the other portion of the streaming software application can be provided to the client device according to rule-based access associated with the client device;
providing the other portion of the streaming software application to the client device if it is determined that the rule-based access indicates the other portion of the streaming software application can be provided to the client device;
receiving the other portion of the streaming software application from the remote location, the other portion of the streaming software application specifically retrieved according to the continued execution of the streaming software application in the streaming software container based on the request for the other portion of the streaming software application;
continuing execution of the streaming software application virtualized at the client device using the other portion of the streaming software application received from the remote location.
2 Assignments
0 Petitions
Accused Products
Abstract
A container that manages access to protected resources using rules to intelligently manage them includes an environment having a set of software and configurations that are to be managed. A rule engine, which executes the rules, may be called reactively when software accesses protected resources. The engine uses a combination of embedded and configurable rules. It may be desirable to assign and manage rules per process, per resource (e.g. file, registry, etc.), and per user. Access rules may be altitude-specific access rules.
250 Citations
14 Claims
-
1. A method comprising:
-
receiving, at a client device, a portion of a streaming software application executing at a remote location in a streaming software container; executing the streaming software application virtualized at the client device using the portion of the streaming software application; generating, at the client device, a request for an other portion of the streaming software application based on user interaction with the executing of the streaming software application at the client device using the portion of the streaming software application; sending the request for the other portion of the streaming software application to the remote location; intercepting the request for the other portion of the streaming software application at a DMZ; determining if the request for the other portion of the streaming software application is associated with the DMZ; if it is determined that the request for the other portion of the streaming software application in unaffiliated with the DMZ; determining if rule-based access to the other portion of the streaming software application can be provided to the client device according to rule-based access associated with the client device; providing the other portion of the streaming software application to the client device if it is determined that the rule-based access indicates the other portion of the streaming software application can be provided to the client device; receiving the other portion of the streaming software application from the remote location, the other portion of the streaming software application specifically retrieved according to the continued execution of the streaming software application in the streaming software container based on the request for the other portion of the streaming software application; continuing execution of the streaming software application virtualized at the client device using the other portion of the streaming software application received from the remote location. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
at least one processor and memory configured to store instructions to instruct the at least one processor to; receive, at a client device, a portion of a streaming software application executing at a remote location in a streaming software container; execute the streaming software application virtualized at the client device using the portion of the streaming software application; generate, at the client device, a request for an other portion of the streaming software application based on user interaction with the executing of the streaming software application at the client device using the portion of the streaming software application; send the request for the other portion of the streaming software application to the remote location; intercept the request for the other portion of the streaming software application at a DMZ; determine if the request for the other portion of the streaming software application is associated with the DMZ; determine if rule-based access to the other portion of the streaming software application can be provided to the client device according to rule-based access associated with the client device, if it is determined that the request for the other portion of the streaming software application in unaffiliated with the DMZ; provide the other portion of the streaming software application to the client device if it is determined that the rule-based access indicates the other portion of the streaming software application can be provided to the client device; receive the other portion of the streaming software application from the remote location, the other portion of the streaming software application specifically retrieved according to the continued execution of the streaming software application in the streaming software container based on the request for the other portion of the streaming software application; continue execution of the streaming software application virtualized at the client device using the other portion of the streaming software application received from the remote location. - View Dependent Claims (9, 10, 11, 12, 13)
-
14. A system comprising:
-
at least one hardware processor; memory storing instructions configured to be executed by the at least one hardware processor to implement; means for receiving, at a client device, a portion of a streaming software application executing at a remote location in a streaming software container; means for executing the streaming software application virtualized at the client device using the portion of the streaming software application; means for generating, at the client device, a request for an other portion of the streaming software application based on user interaction with the executing of the streaming software application at the client device using the portion of the streaming software application; means for sending the request for the other portion of the streaming software application to the remote location; means for intercepting the request for the other portion of the streaming software application at a DMZ; means for determining if the request for the other portion of the streaming software application is associated with the DMZ; means for determining if rule-based access to the other portion of the streaming software application can be provided to the client device according to rule-based access associated with the client device, if it is determined that the request for the other portion of the streaming software application in unaffiliated with the DMZ; means for providing the other portion of the streaming software application to the client device if it is determined that the rule-based access indicates the other portion of the streaming software application can be provided to the client device; means for receiving the other portion of the streaming software application from the remote location, the other portion of the streaming software application specifically retrieved according to the continued execution of the streaming software application in the streaming software container based on the request for the other portion of the streaming software application; means for continuing execution of the streaming software application virtualized at the client device using the other portion of the streaming software application received from the remote location.
-
Specification