Disclosed are various embodiments for controlling access to data on a network. Upon receiving a request comprising a device identifier and at least one user credential to access a remote resource, the request may be authenticated according to at least one compliance policy. If the request is authent
Disclosed are various embodiments for controlling access to data on a network. Upon receiving a request comprising a device identifier and at least one user credential to access a remote resource, the request may be authenticated according to at least one compliance policy. If the request is authenticated, a resource credential associated with the remote resource may be provided.
대표청구항▼
1. A method comprising: receiving, in a proxy server, a request from a client device to access a remote resource, wherein the request comprises a device identifier and at least one user credential;determining, by the proxy server, whether the device identifier and the at least one user credential ar
1. A method comprising: receiving, in a proxy server, a request from a client device to access a remote resource, wherein the request comprises a device identifier and at least one user credential;determining, by the proxy server, whether the device identifier and the at least one user credential are authentic;in response to determining that the device identifier and the at least one user credential are authentic, generating, in the proxy server, a request to authorize the client device;transmitting, from the proxy server over a network, the request to authorize the client device to a compliance server that is separate from the proxy server, the compliance server configured to determine whether the client device complies with a hardware restriction, a software restriction, and a mobile device management restriction, wherein the software restriction identifies whether the client device is permitted to have screen-capture functionality enabled;receiving, from the compliance server, an indication of whether the client device is authorized based upon whether the client device complies with the hardware restriction, the software restriction, and the mobile device management restriction;in response to determining, based upon the indication, that the client device is authorized to access the remote resource, associating, by the proxy server, a resource access credential for accessing the remote resource with the client device; andproviding, from the proxy server, the resource access credential to a remote device associated with the remote resource. 2. The method of claim 1, wherein the request to access the remote resource is for modifying the remote resource. 3. The method of claim 1, wherein the remote resource comprises at least one of the following: a database, a file, an application, an e-mail, a voicemail, a software resource, or a hardware resource. 4. The method of claim 1, further comprising determining, by the proxy server, whether a pairing of the device identifier and the at least one user credential is authorized to access the remote resource. 5. The method of claim 4, further comprising: in response to determining that the pairing of the device identifier and the at least one user credential is not authorized to access the remote resource, refusing, by the proxy server, the request to access the remote resource. 6. The method of claim 1, further comprising: receiving, in the proxy server, a second request to access the remote resource, wherein the second request comprises a second device identifier and the at least one user credential; anddetermining, in the proxy server, whether a pairing of the second device identifier and the at least one user credential is authorized to access the remote resource. 7. The method of claim 6, further comprising: in response to determining that the pairing of the second device identifier and the at least one user credential is authorized to access the remote resource, obtaining, in the proxy server, a resource credential associated with the remote resource. 8. The method of claim 1, further comprising: removing, by the proxy server, the at least one user credential from the request to access the remote resource; andinserting, by the proxy server, the resource access credential into the request to access the remote resource. 9. The method of claim 1, wherein the resource access credential comprises an enterprise level credential. 10. The method of claim 1, wherein the resource access credential comprises a user level credential. 11. The method of claim 1, wherein the resource access credential comprises at least one of an enterprise level credential or a user level credential. 12. A system comprising: a memory storage comprising a plurality of computer instructions; anda processing unit coupled to the memory storage, wherein the plurality of computer instructions, upon execution by the processing unit, cause the processing unit to at least: intercept a request for a client device to access a remote resource, wherein the request to access the remote resource comprises a device identifier and a user credential;determine whether the device identifier and the user credential are authentic;in response to determining that the device identifier and the user credential are authentic, generate a request to authorize the client device;transmit, from a proxy server over a network, the request to authorize the client device to a compliance server, the compliance server configured to determine whether the client device complies with a hardware restriction, a software restriction, and a mobile device management restriction, wherein the software restriction identifies whether the client device is permitted to have screen-capture functionality enabled;receive, from the compliance server, an indication of whether the client device is authorized based upon whether the client device complies with the hardware restriction, the software restriction, and the mobile device management restriction;in response to determining, based upon the indication, that the client device is authorized to access the remote resource, associate a resource access credential for accessing the remote resource with the client device; andproviding, from the proxy server, the resource access credential to a remote device associated with the remote resource. 13. The system of claim 12, wherein the plurality of instructions, upon execution by the processing unit, further cause the processing unit to at least: determine whether the remote resource comprises a personal resource; andin response to determining that the remote resource comprises the personal resource, transmit the request to access the resource to the compliance server. 14. The system of claim 12, wherein the plurality of instructions, upon execution by the processing unit, further cause the processing unit to at least determine whether a pairing of a user credential and a device identifier associated with the request to access the resource is authorized to access the remote resource. 15. A non-transitory computer-readable medium comprising a set of instructions that, when executed by a processor, causes the processor to perform a method, comprising: receiving a request from a client device to access a remote resource, wherein the request comprises a device identifier and at least one user credential;determining whether the device identifier and the at least one user credential are authentic;in response to determining that the device identifier and the user credential are authentic, generate a request to authorize the client device;transmitting, from a proxy server over a network, the request to authorize the client device to a compliance server that is separate from the proxy server, the compliance server configured to determine whether the client device complies a hardware restriction, a software restriction, and a mobile device management restriction, wherein the software restriction identifies whether the client device is permitted to have screen-capture functionality enabled;receiving, from the compliance server, an indication of whether the client device is authorized based upon whether the client device complies with the hardware restriction, the software restriction, and the mobile device management restriction;in response to determining, based upon the indication, that the client device is authorized to access the remote resource, associating a resource access credential for accessing the remote resource with the client device; andproviding, from the proxy server, the resource access credential to a remote device associated with the remote resource. 16. The non-transitory computer-readable medium of claim 15, wherein the mobile device management restriction is specified by a compliance rule for the client device. 17. The non-transitory computer-readable medium of claim 16, wherein the compliance rule is stored in a data store for the compliance server.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (41)
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Administration of protection of data accessible by a mobile device.
Johnson, David Nephi; Nielson, Dustin Lance; Griffis, Jr., Jerry E.; Beus, David Kent; Jensen, Nathan Blaine; Street, William; Sherman, Paul Erik; Cook, Michael William; Carter, Stephen R, Credential mapping.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R. Stanley, Global server for authenticating access to remote services.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Craft, David John; Dubey, Pradeep K.; Hofstee, Harm Peter; Kahle, James Allan, Method and system for controlled distribution of application code and content data within a computer network.
Maurya, Sanjiv; Tse, Benson Wei-Ming; VanZile, Frank; Bonham, Larry Dean; Peterson, Phil; Friend, John, Method and system for distributing and updating software in wireless devices.
Bruton, III, David Aro; Overby, Jr., Linwood H.; Rodriguez, Adolfo Francisco, Methods, systems and computer program products for selectively allowing users of a multi-user system access to network resources.
Laird,David; Jones,Martin Kelly, Notification systems and methods enabling user entry of notification trigger information based upon monitored mobile vehicle location.
Wright,Michael; Boucher,Peter; Nault,Gabe; Smith,Merrill; Jacobson,Sterling K; Wood,Jonathan; Mims,Robert, Protection of data accessible by a mobile device.
Mann, Dwayne R.; Heard, Robert W.; Burchett, Christopher D.; Gordon, Ian R., Server, computer memory, and method to support security policy maintenance and distribution.
Wolovitz, Lionel; Collins, Tim, Service management system and associated methodology of providing service related message prioritization in a mobile client.
Heard, Robert W.; Mann, Dwayne R.; Burchett, Christopher D.; Gordon, Ian R., System and method for distribution of security policies for mobile devices.
Mendez, Daniel J.; Riggins, Mark D.; Wagle, Prasad; Bui, Hong Q.; Ng, Mason; Quinlan, Sean Michael; Ying, Christine C.; Zuleeg, Christopher R.; Cowan, David J.; Aptekar-Strober, Joanna A.; Bailes, R., System and method for globally and securely accessing unified information in a computer network.
Mendez,Daniel J.; Riggins,Mark D.; Wagle,Prasad; Bui,Hong Q.; Ng,Mason; Quinlan,Sean Michael; Ying,Christine C.; Zuleeg,Christopher R.; Cowan,David J.; Aptekar Strober,Joanna A.; Bailes,R. Stanley, System and method for globally and securely accessing unified information in a computer network.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.