| 主权项 |
1. A method of controlling access to a set of resource in a network, the method comprising:
assigning one or more zones of trust for each respective remotely hosted resource, wherein each assigned zone of trust corresponds to one or more policies that identifies authorized users and authorized client operating environments that may access a particular remotely hosted resource, executing instructions stored in memory, wherein the instructions are executed by a processor to: authenticate a user to determine if the user is among the identified authorized users, wherein the user is requesting access to a particular remotely hosted resource via a computing device having a client operating environment, characterize the user client operating environment, wherein the characterization is performed using an interrogation agent, and wherein the characterization includes: identifying provisioning objects currently stored on the user computing device, and comparing the identified provisioning objects currently on the user computing device with a list of provisioning objects that would be needed before access to the remotely hosted resource is authorized, wherein the comparison is based on the authenticated identity of the user and the characterized user client operating environment, and install one or more missing provisioning objects to the user computing device when the comparison indicates that the user computing device lacks the one or more missing provisioning objects, wherein the installation places the user computing device in compliance with the assigned zone of trust for the particular remotely hosted resource; and providing the requested remotely hosted resource to the user at the user computing device. |
