Authentication in a network using client health enforcement framework

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Nir Nice · Kfar Vradim, IL
• Anat Eyal · Nes Ziona, IL
• Chandrasekhar Nukala · Redmond, US
• Sreenivas Addagatla · Irving, US
• Eugene (John) Neystadt · Kfar Sava, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2129
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A network with authentication implemented using a client health enforcement framework. The framework is adapted to receive plug-ins on clients that generate health information. Corresponding plug-ins on a server validate that health information. Based on the results of validation, the server may instruct the client to remediate or may authorize an underlying access enforcement mechanism to allow access. A client plug-in that generates authentication information formatted as a statement of health may be incorporated into such a framework. Similarly, on the server, a validator to determine, based on the authentication information, whether the client should be granted network access can be incorporated into the framework. Authentication can be simply applied or modified by changing the plug-ins, while relying on the framework to interface with an enforcement mechanism. Functions of the health enforcement framework can be leveraged to provide authentication-based functionality, such as revoking authorized access after a period of user inactivity or in response to a user command.