Distributed cloud-based security systems and methods

US2016269447A1 · US · A1

Patent metadata
Publication number: US-2016269447-A1
Application number: US-201615162840-A
Country: US
Kind code: A1
Filing date: May 24, 2016
Priority date: Jul 24, 2008
Publication date: Sep 15, 2016
Grant date:

Abstract

Official abstract text for this publication.

A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user. The distributed security method includes obtaining security policy data associated with the user and the enterprise from an authority node; monitoring data communications between the user, the enterprise, and the Internet in a processing node; and controlling the data communications between the user, the enterprise, and the Internet based on the monitoring to provide security measures between the user, the enterprise, and the Internet.

First claim

Opening claim text (preview).

What is claimed is:

1. A distributed security method implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user, the distributed security method comprising: obtaining security policy data associated with the user and the enterprise from an authority node; monitoring data communications between the user, the enterprise, and the Internet in a processing node; and controlling the data communications between the user, the enterprise, and the Internet based on the monitoring to provide security measures between the user, the enterprise, and the Internet.

2. The distributed security method of claim 1, wherein the monitoring comprises: operating one or more data inspection engines on content items in the data communications to determine a decision vector, wherein the controlling is based on the decision vector.

3. The distributed security method of claim 2, wherein master security for the data inspection engines is provided by the authority node based on updates received from the one or more processing nodes.

4. The distributed security method of claim 2, wherein the one or more data inspection engines comprise a detection processing filter which front ends threat data, wherein the detection processing filter is used first on the content items to reduce processing time thereof.

5. The distributed security method of claim 1, further comprising: maintaining a state of the user related to authentication of the user comprising validation of an identity of the user and authorization of the user comprising eligibility of a validate user to complete an action.

6. The distributed security method of claim 5, wherein the state is maintained at the processing node, and wherein the authority node and the processing node operate cooperatively to identify fraudulently generated authentication data or authorization data.

7. The distributed security method of claim 1, wherein the security threats comprise spyware, malware, viruses, spam, and undesirable content.

8. A processing node in a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user, the processing node: one or more processors; and memory storing instructions that, when executed, cause the one or processors to obtain security policy data associated with the user and the enterprise from an authority node; monitor data communications between the user, the enterprise, and the Internet in a processing node; and control the data communications between the user, the enterprise, and the Internet based on monitoring the data communications to provide security measures between the user, the enterprise, and the Internet.

9. The processing node of claim 8, wherein the processing node monitors the data communications through operation of one or more data inspection engines on content items in the data communications to determine a decision vector, wherein the data communications are controlled is based on the decision vector.

10. The processing node of claim 9, wherein master security for the data inspection engines is provided by the authority node based on updates received from the one or more processing nodes.

11. The processing node of claim 9, wherein the one or more data inspection engines comprise a detection processing filter which front ends threat data, wherein the detection processing filter is used first on the content items to reduce processing time thereof.

12. The processing node of claim 9, wherein the memory storing instructions that, when executed, further cause the one or processors to maintain a state of the user related to authentication of the user comprising validation of an identity of the user and authorization of the user comprising eligibility of a validate user to complete an action.

13. The processing node of claim 12, wherein the state is maintained at the processing node, and wherein the authority node and the processing node operate cooperatively to identify fraudulently generated authentication data or authorization data.

14. The processing node of claim 9, wherein the security threats comprise spyware, malware, viruses, spam, and undesirable content.

15. A distributed security system, comprising: one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user; where each of the one or more processing nodes comprises one or more processors and memory storing instructions that, when executed, cause the one or processors to obtain security policy data associated with the user and the enterprise from an authority node; monitor data communications between the user, the enterprise, and the Internet in a processing node; and control the data communications between the user, the enterprise, and the Internet based on monitoring the data communications to provide security measures between the user, the enterprise, and the Internet.

16. The distributed security system of claim 15, wherein the processing node monitors the data communications through operation of one or more data inspection engines on content items in the data communications to determine a decision vector, wherein the data communications are controlled is based on the decision vector.

17. The distributed security system of claim 16, wherein master security for the data inspection engines is provided by the authority node based on updates received from the one or more processing nodes.

18. The distributed security system of claim 16, wherein the one or more data inspection engines comprise a detection processing filter which front ends threat data, wherein the detection processing filter is used first on the content items to reduce processing time thereof.

19. The distributed security system of claim 15, wherein the memory storing instructions that, when executed, further cause the one or processors to maintain a state of the user related to authentication of the user comprising validation of an identity of the user and authorization of the user comprising eligibility of a validate user to complete an action.

20. The distributed security system of claim 19, wherein the state is maintained at the processing node, and wherein the authority node and the processing node operate cooperatively to identify fraudulently generated authentication data or authorization data.

Assignees

Inventors

Classifications

  • Vulnerability analysis · CPC title

  • Entity profiles · CPC title

  • using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title

  • H04L9/3213 (Primary)

    using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807) · CPC title

  • providing single-sign-on or federations · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016269447A1 cover?
A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user. The distributed security method includes ob…
Who is the assignee on this patent?
Zscaler Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/3213. Mapped technology areas include Electricity.
When was this patent published?
Publication date Sep 15, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).