Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer-implemented method for accessing a hosted service on a client device, the method comprising: receiving, on the client device from at least one server, a policy definition and at least one user identification, the policy definition comprised of a plurality of domain names and the user identification used for accessing the hosted service; receiving on the client device a first request to access the hosted service, the first request including a first domain name; determining if the first domain name matches a domain name in the plurality of domain names; responsive to the determining, generating a second request on the client device and submitting the second request to the server, the second request comprising the first request rerouted for transmission to the server and comprising at least one of including the user identification over a pre-established encrypted communication path or using the user identification to establish an encrypted communication path; and receiving on the client a response from the server, the response comprising a response to the second request, the response sent by the server on behalf of the hosted service over the encrypted communication path.
2. The computer-implemented method of claim 1 , wherein server behavior is responsive to the user identification.
3. The computer-implemented method of claim 1 , wherein the client device is on a first network and the server on a second network and wherein the first network and the second network are coupled by a public network.
4. The computer-implemented method of claim 3 , wherein the public network comprises Internet.
5. The computer-implemented method of claim 1 , wherein the client device in communication to the server over a virtual private network connection tunneling communications from the client device to a private network prior to communications reaching the server.
6. The computer-implemented method of claim 1 , wherein the client device coupled to a network including a proxy, the proxy applying filtering rules to limit website access by computers on the network, the proxy independent of the server, and wherein communications from the client device to the server are subject to filtering by the proxy.
7. The computer-implemented method of claim 1 , wherein the second request includes the user identity.
8. The computer-implemented method of claim 1 , wherein setup of the encrypted communication path between the server and the client device includes the user identity.
9. A computer-implemented method for accessing a hosted service on a client device, the method comprising: receiving, on the client device from a server, a policy definition and at least one user identification, the policy definition comprised of proxy auto-config (PAC) file including a plurality of URLs, the plurality of URLs including at least one URL for the hosted service and the user identification used for accessing the hosted service; receiving on a web browser on the client device a first request to access the hosted service, the first request including a first uniform resource locator (URL); determining by the web browser applying the PAC file to match a first URL to the plurality of URLs; responsive to the determining, transmitting an HTTP request from the client to the server over a pre-established encrypted communication path, the HTTP request comprises a request to the server for the first URL together with the user identification, the server being distinct from a computer identified by the URL for handling the URL; and receiving on the client an HTTP response from the server, the HTTP response comprising a response to the HTTP request, the response sent by the server on behalf of the hosted service.
10. The computer-implemented method of claim 9 , wherein the client device on a first network and the server on a second network and wherein the first network and the second network are coupled by a public network.
11. The computer-implemented method of claim 10 , wherein the public network comprises Internet.
12. The computer-implemented method of claim 9 , wherein the client device in communication to the server over a virtual private network connection tunneling communications from the client device to a private network prior to communications reaching the server.
13. The computer-implemented method of claim 9 , wherein the client device coupled to a network including a proxy, the proxy applying filtering rules to limit website access by computers on the network, the proxy independent of the server, and wherein communications from the client device to the server are subject to filtering by the proxy.
14. A computer-implemented method for accessing a cloud service on a client device, the method comprising: receiving on the client device from a server a policy definition and at least one user identification, the policy definition comprised of a plurality of URLs, the plurality of URLs including at least one URL for the cloud service and the user identification used for accessing the hosted service; receiving on the client device a first request to access the cloud service, the first request including a first uniform resource locator (URL); determining if the first URL matches a URL in the plurality of URLs; responsive to the determining, generating a second request on the client device and submitting the second request to the server, the second request comprising the first request rerouted for transmission to the server and comprising at least one of including the user identification over a pre-established encrypted communication path or using the user identification to establish an encrypted communication path; and receiving on the client a response from the server, the response comprising a response to the second request, the response sent by the server on behalf of the cloud service over the encrypted communication path.
15. The computer-implemented method of claim 14 , wherein server behavior is responsive to the user identification.
16. The computer-implemented method of claim 14 , wherein the client device is on a first network and the server on a second network and wherein the first network and the second network are coupled by a public network.
17. The computer-implemented method of claim 14 , wherein the client device in communication to the server over a virtual private network connection tunneling communications from the client device to a private network prior to communications reaching the server.
18. The computer-implemented method of claim 14 , wherein the client device coupled to a network including a proxy, the proxy applying filtering rules to limit website access by computers on the network, the proxy independent of the server, and wherein communications from the client device to the server are subject to filtering by the proxy.
19. The computer-implemented method of claim 14 , wherein the second request includes the user identity.
20. The computer-implemented method of claim 14 , wherein setup of the encrypted communication path between the server and the client device includes the user identity.
Unknown
February 23, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.