Dynamic change in plurality of security layers based on projected risk
First Claim
1. A method of accessing a secured resource, comprising:
- monitoring activity of a user;
storing, by one or more processors of a computer system, a historical record including a historical pattern of activity of a user, wherein said historical record is updated based on said activity of said user;
receiving, by the one or more processors, a request from said user to access a secured resource;
performing, by the one or more processors, a first security check with respect to said user to determine whether a first security protocol is satisfied by the user in order to be permitted to access the secured resource;
allowing, by the one or more processors, the user to access the secured resource in response to a determination that the first security check is satisfied by the user;
conducting, by the one or more processors, a comparison of current activity of said user with the historical record of said user;
deriving, by the one or more processors, a risk factor based on said comparison;
performing, by the one or more processors, based on said risk factor, a selection process for selecting from a plurality of additional security choices a second security check with respect to said user to determine whether a second security protocol is satisfied by the user in order to be permitted to continue to access the secured resource, said second security check being selected from said plurality of additional security choices based on a relative scaling factor related to said risk factor;
allowing, by the one or more processors, the user to continue to access the secured resource in response to a determination that the second security condition is satisfied by the user.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and associated system. Before allowing a user to use a secured resource, a first security check may be performed with respect to the user and/or the secured resource to determine whether a first security condition is satisfied. In response to a first security condition being satisfied, allowing the user to use the secured resource. In response to failing to satisfy the at least one first security condition, performing a second security check on the user with a second security condition. In response to passing a second security condition, allowing the user to use the secured resource. The first security condition may include a dynamic evaluation of at least one available data point to calculate a projected security risk of the user using the secured resource and the level of complexity of the second security condition may be set based on the calculated projected security risk.
-
Citations
19 Claims
-
1. A method of accessing a secured resource, comprising:
-
monitoring activity of a user; storing, by one or more processors of a computer system, a historical record including a historical pattern of activity of a user, wherein said historical record is updated based on said activity of said user; receiving, by the one or more processors, a request from said user to access a secured resource; performing, by the one or more processors, a first security check with respect to said user to determine whether a first security protocol is satisfied by the user in order to be permitted to access the secured resource; allowing, by the one or more processors, the user to access the secured resource in response to a determination that the first security check is satisfied by the user; conducting, by the one or more processors, a comparison of current activity of said user with the historical record of said user; deriving, by the one or more processors, a risk factor based on said comparison; performing, by the one or more processors, based on said risk factor, a selection process for selecting from a plurality of additional security choices a second security check with respect to said user to determine whether a second security protocol is satisfied by the user in order to be permitted to continue to access the secured resource, said second security check being selected from said plurality of additional security choices based on a relative scaling factor related to said risk factor; allowing, by the one or more processors, the user to continue to access the secured resource in response to a determination that the second security condition is satisfied by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification