Controlling access to and distribution of enterprise resources, such as documents, databases, and executable applications, in a networked environment is critical to ensure that only authorized users and network-connected devices may gain access to sensitive information. Depending on the sensitivity of a given resource, an array of authorization rules may be necessary to ensure that the resource is adequately protected. Some resources may only require ensuring that the proper user is requesting the resource. Other resources may require compliance with more stringent authorization rules, such as determining whether an appropriate transport protocol is used (i.e., http and/or https) by the requesting device, determining whether access to the resource is permitted for a specified duration or at a given time, determining whether the resource is accessed from a secured device, etc.
To date, enterprises have distributed resources to network-connected resources using internal secured networks and VPN tunnels to those networks. While these methods provide a secure channel for distribution, these methods typically do not authenticate the recipient beyond ensuring a proper recipient. Furthermore, these methods are ineffective in continuously ensuring that the resource is protected. In particular, these methods fail to ensure that the resource is protected beyond the initial grant of access to the resource. This is additionally problematic, as the recipient of the resource may at some point cease to comply with the conditions required to receive the resource. Finally, these methods do not restrict an authorized recipient from subsequently transmitting certain resources to other potentially unauthorized recipients.