| 发明名称 |
METHOD AND SYSTEM OF SECURITY LOCATION DISCRIMINATION |
| 摘要 |
<p>An improved computer network security system and method wherein access to network resources is based on information that includes the location of the connecting user. In general, the less trusted the location of the user, the more the access rights assigned to the user are restricted. A discrimination mechanism and process determines the location of a user with respect to categories of a security policy, such as to distinguish local users, intranet users and dial-up users from one another. Based on information including the location and the user's credentials, an access token is set up that may restrict the user's normal access in accordance with the security policy, such as to not restrict a user's processes beyond the user-based security information in the user's normal access token, while further restricting the same user's access to resources when connecting via a dial-up connection. Restricted tokens are preferably used to implement the location-based discrimination by restricting the security context of users connecting from less trusted locations.</p> |
| 申请公布号 |
EP1095493(A1) |
申请公布日期 |
2001.05.02 |
| 申请号 |
EP19990955576 |
申请日期 |
1999.06.09 |
| 申请人 |
MICROSOFT CORPORATION |
发明人 |
GOERTZEL, MARIO, C.;STROM, SUSI, E.;GARG, PRAERIT;SHAH, BHARAT |
| 分类号 |
G06F21/20;G06F1/00;G06F21/00;H04L29/06;H04L29/08;(IPC1-7):H04L29/06 |
主分类号 |
G06F21/20 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
