Flexible end-point compliance and strong authentication for distributed hybrid enterprises

Assignee

• Microsoft Corporation · US

Inventors

• Asaf Kariv · Tel Mond, IL
• Oleg Ananiev · Migdal HaEmek, IL
• Eli Tovbeyn · Holon, IL
• Daniel Kershaw · Cambridge, GB
• Eugene (John) Neystadt · Kfar Sava, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/082
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems, methods and apparatus for accessing at least one resource hosted by at least one server of a cloud service provider. In some embodiments, a client computer sends authentication information associated with a user of the client computer and a statement of health regarding the client computer to an access control gateway deployed in an enterprise's managed network. The access control gateway authenticates the user and determines whether the user is authorized to access the at least one resource hosted in the cloud. If the user authentication and authorization succeeds, the access control gateway requests a security token from a security token service trusted by an access control component in the cloud and forwards the security token to the client computer. The client computer sends the security token to the access component in the cloud to access the at least one resource from the at least one server.