Systems and methods for controlling network access
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-009/32
H04W-012/08
H04W-012/02
출원번호
US-0656046
(2012-10-19)
등록번호
US-9247432
(2016-01-26)
발명자
/ 주소
Stuntebeck, Erich
Burnett, Michelle
출원인 / 주소
AIRWATCH LLC
대리인 / 주소
Thomas | Horstemeyer, LLP
인용정보
피인용 횟수 :
0인용 특허 :
90
초록▼
Disclosed are various embodiments for systems and methods for controlling access of networks. In one embodiment, an access control service receives requests to access network beacons from client devices. In response, the access control service determines whether the client devices satisfy authorizat
Disclosed are various embodiments for systems and methods for controlling access of networks. In one embodiment, an access control service receives requests to access network beacons from client devices. In response, the access control service determines whether the client devices satisfy authorization rules associated with the network beacons. If the access control service determines that the client devices satisfy the authorization rules associated with the network beacons, the access control service authorizes the client devices to access the network beacons. Subsequently, if the client devices cease to satisfy the authorization rules associated with the network beacons, the access control service terminates the authorization of the client devices to access the network beacons.
대표청구항▼
1. An apparatus, comprising: one or more processors;one or more memory devices including program code instructions, the program code instructions being configured to cause the one or more processors to at least: receive one or more requests to access one or more network beacons from one or more clie
1. An apparatus, comprising: one or more processors;one or more memory devices including program code instructions, the program code instructions being configured to cause the one or more processors to at least: receive one or more requests to access one or more network beacons from one or more client devices;access one or more device profiles describing one or more states of the one or more client devices, wherein the one or more device profiles indicate a date of last maintenance of the one or more client devices, and wherein the one or more states of the one or more client devices indicate one or more locations of the one or more client devices and one or more signal strengths of the one or more network beacons;determine a stringency for one or more authorization rules associated with the one or more network beacons based at least in part on whether the one or more client devices are located within a transmission range of the one or more network beacons, wherein the stringency of the one or more authorization rules is adjusted based at least in part on the one or more states of the one or more client devices;determine, based at least in part on the one or more states, whether the one or more client devices satisfy the stringency for the one or more authorization rules associated with the one or more network beacons, the one or more authorization rules specifying one or more permitted states associated with an operating system software requirement for the one or more client devices;responsive to a determination that the one or more client devices satisfy the stringency for the one or more authorization rules associated with the one or more network beacons, authorize the one or more client devices to access the one or more network beacons; andterminate the authorization of the one or more client devices to access the one or more network beacons by at least causing one or more resources associated with the one or more network beacons to be removed from the one or more client devices in an instance in which the one or more client devices no longer satisfy the one or more authorization rules associated with the one or more network beacons. 2. The apparatus of claim 1, wherein the one or more requests comprise the one or more device profiles. 3. The apparatus of claim 1, wherein the program code instructions are further configured to cause the one or more processors to at least authorize the one or more client devices to access the one or more network beacons by causing one or more resources associated with the one or more network beacons to be transmitted to the one or more client devices. 4. The apparatus of claim 1, wherein the one or more network beacons are associated with one or more service providers, and the one or more client devices are associated with one or more customers of the one or more service providers. 5. The apparatus of claim 1, wherein the one or more authorization rules comprise one or more environment-related requirements. 6. The apparatus of claim 1, wherein the one or more authorization rules comprise one or more device-related requirements. 7. The apparatus of claim 1, wherein the one or more authorization rules comprise one or more resource-related requirements. 8. The apparatus of claim 1, wherein the stringency for the one or more authorization rules is based at least in part on a signal strength level. 9. A method, comprising: accessing at least one device profile describing at least one state of at least one client device, wherein the at least one device profile indicates a date of last maintenance of the at least one client, and wherein the at least one state of the at least one client device indicates at least one location of the at least one client device and at least one signal strength of one or more network beacons;causing one or more requests to access the one or more network beacons to be transmitted from the at least one client device;receiving, at the at least one client device, one or more resources associated with the one or more network beacons;accessing the one or more network beacons from the at least one client device in an instance in which a determination has been made that the at least one client device satisfies a stringency for one or more authorization rules associated with an operating system software requirement for the at least one client device, wherein the stringency of the one or more authorization rules is adjusted based at least in part on the at least one state of the at least one client device, wherein the stringency for the one or more authorization rules is determined based at least in part on whether the at least one client device is located within a transmission range of the one or more network beacons,wherein the determination of whether the at least one client device satisfies the stringency for the one or more authorization rules is made based at least in part on the at least one state of the at least one client device, and further wherein the one or more authorization rules specify one or more permitted states; andceasing an authorization to access the one or more network beacons from the at least one client device by causing one or more resources associated with the one or more beacons to be removed from the one or more client devices. 10. The method of claim 9, wherein the one or more resources comprise a key configured to permit the at least one client device to access one or more networks associated with the one or more network beacons. 11. The method of claim 9, further comprising: ceasing the authorization to access the one or more network beacons from the at least one client device in response to the at least one client device failing to satisfy the one or more authorization rules. 12. The method of claim 9, further comprising: removing the one or more resources from the at least one client device in response to the at least one client device failing to satisfy the one or more authorization rules. 13. The method of claim 9, wherein the one or more network beacons are associated with one or more service providers, and the at least one client device is associated with at least one customer of the one or more service providers. 14. A non-transitory computer-readable medium embodying one or more programs executable in one or more computing devices, the one or more programs comprising code that, when executed, directs the one or more computing devices to at least: identify at least one client device located within one or more transmission ranges of one or more network beacons;access at least one device profile describing at least one state of the at least one client device, wherein the one or more device profiles indicate a date of last maintenance of the one or more client devices, and wherein the one or more states of the one or more client devices indicate one or more locations of the one or more client devices and one or more signal strengths of the one or more network beacons;determine a stringency for one or more authorization rules associated with the one or more network beacons based at least in part on whether the at least one client device is located within the one or more transmission ranges of the one or more network beacons;determine, based at least in part on the at least one state, whether the at least one client device satisfies the stringency for the one or more authorization rules associated with the one or more network beacons, the one or more authorization rules specifying one or more permitted states associated with an operating system software requirement for the at least one client device, wherein the stringency of the one or more authorization rules is adjusted based at least in part on the at least one state of the at least one client device;responsive to a determination that the at least one client device satisfies the stringency for the one or more authorization rules associated with the one or more network beacons, cause one or more resources associated with the one or more network beacons to be transmitted to the at least one client device; andterminate the authorization of the at least one client device to access the one or more network beacons by at least causing one or more resources associated with the one or more network beacons to be removed from the at least one client device in an instance in which the at least one client device no longer satisfies the one or more authorization rules associated with the one or more network beacons. 15. The computer-readable medium of claim 14, wherein the one or more computing devices are directed to identify the at least one client device located within the one or more transmission ranges of the one or more network beacons by receiving one or more requests to access the one or more network beacons from the at least one client device. 16. The computer-readable medium of claim 14, wherein the one or more computing devices are further directed to at least: responsive to the determination that the at least one client device satisfies the one or more authorization rules associated with the one or more network beacons, authorize the at least one client device to access the one or more network beacons. 17. The computer-readable medium of claim 14, wherein the one or more resources comprise a key configured to permit the at least one client device to access one or more networks associated with the one or more network beacons. 18. The computer-readable medium of claim 14, wherein the one or more network beacons are associated with one or more service providers and the at least one client device is associated with at least one customer of the one or more service providers. 19. The non-transitory computer-readable medium of claim 14, wherein the stringency for the one or more authorization rules is based at least in part on a signal strength level.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (90)
Wood, David L.; Norton, Derk, Access management system and method employing secure credentials.
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Administration of protection of data accessible by a mobile device.
Bhaskaran,Harikrishnan, Communication system and method for compressing information sent by a communication device to a target portable communication device.
Johnson, David Nephi; Nielson, Dustin Lance; Griffis, Jr., Jerry E.; Beus, David Kent; Jensen, Nathan Blaine; Street, William; Sherman, Paul Erik; Cook, Michael William; Carter, Stephen R, Credential mapping.
See Michael E. ; Bailey John W. ; Panza Charles L. ; Pikover Yuri ; Stone Geoffrey C., Deterministic user authentication service for communication network.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R. Stanley, Global server for authenticating access to remote services.
Sengupta,Uttam K.; Deshpande,Nikhil M., Method and apparatus for providing proximity based authentication, security, and notification in a wireless system.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Maurya, Sanjiv; Tse, Benson Wei-Ming; VanZile, Frank; Bonham, Larry Dean; Peterson, Phil; Friend, John, Method and system for distributing and updating software in wireless devices.
Bruton, III, David Aro; Overby, Jr., Linwood H.; Rodriguez, Adolfo Francisco, Methods, systems and computer program products for selectively allowing users of a multi-user system access to network resources.
Laird,David; Jones,Martin Kelly, Notification systems and methods enabling user entry of notification trigger information based upon monitored mobile vehicle location.
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Protection of data accessible by a mobile device.
Mann, Dwayne R.; Heard, Robert W.; Burchett, Christopher D.; Gordon, Ian R., Server, computer memory, and method to support security policy maintenance and distribution.
Wolovitz, Lionel; Collins, Tim, Service management system and associated methodology of providing service related message prioritization in a mobile client.
Ng, Mason; Mendez, Daniel J.; Quinlan, Sean Michael, System and method for automatically forwarding email and email events via a computer network to a server computer.
Heard, Robert W.; Mann, Dwayne R.; Burchett, Christopher D.; Gordon, Ian R., System and method for distribution of security policies for mobile devices.
Riggins Mark D. ; Bailes R. Stanley ; Bui Hong O. ; Cowan David I. ; Mendez Daniel I. ; Ng Mason ; Quinlan Sean Michael ; Wagle Prasad ; Ying Christine C. ; Zuleeg Christopher R. ; Aptekar-Strober Jo, System and method for globally accessing computer services.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R., System and method for globally and securely accessing unified information in a computer network.
Mendez,Daniel J.; Riggins,Mark D.; Wagle,Prasad; Bui,Hong Q.; Ng,Mason; Quinlan,Sean Michael; Ying,Christine C.; Zuleeg,Christopher R.; Cowan,David J.; Aptekar Strober,Joanna A.; Bailes,R. Stanley, System and method for globally and securely accessing unified information in a computer network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for securely synchronizing multiple copies of a workspace element in a network.
Ng Mason ; Quinlan Sean Michael ; Ruan Tom ; Mendez Daniel J. ; Zhu Jing ; Cheng ; Jr. Martin ; Williams Matt ; Riggins Mark D., System and method for updating a remote database in a network.
Mendez Daniel J. ; Riggins Mark D. ; Wagle Prasad ; Ying Christine C., System and method for using a global translator to synchronize workspace elements across a network.
Piccionelli, Greg A.; Rittmaster, Ted R., System and process for limiting distribution of information on a communication network based on geographic location.
Kim, Jin Pil; Thomas, C. Gomer, Virtual channel table for a broadcast protocol and method of broadcasting and receiving broadcast signals using the same.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.