Invention Grant
- Patent Title: Zero trust architecture with browser-supported security posture data collection
-
Application No.: US18214326Application Date: 2023-06-26
-
Publication No.: US11936671B1Publication Date: 2024-03-19
- Inventor: Jason Meller , Joseph Sokol-Margolis , Levi C. Kennedy
- Applicant: Kolide, Inc.
- Applicant Address: US MA Malden
- Assignee: Kolide, Inc.
- Current Assignee: Kolide, Inc.
- Current Assignee Address: US MA Malden
- Agent David H. Judson
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/30 ; G06F21/31 ; H04L9/32 ; H04L9/40

Abstract:
A zero trust application enables access to a protected resource from a client device associated with a user. The client device has a browser, and an agent running locally and accessible via a local loopback interface. During an authentication flow, a browser-based script executes in the browser to deliver a challenge to the agent, and to collect a response to that challenge from the agent using a graphics file-based encoding scheme, and to deliver that information to the application for verifying the client device and its security posture. Depending on that security posture, the authentication flow may be permitted to complete. If a failure of the security posture is identified, the user may be permitted during the on-going authentication flow to address that failure and request a re-check of the posture.
Information query