Fabric assisted identity and authentication
First Claim
1. A machine readable storage device or storage disk comprising instructions that, when executed, cause a machine for context-based authentication in a secure network including multiple interconnected programmable devices to at least:
- obtain, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access the secure network, the user being associated with the programmable device, the contextual data indicating a number of authentication factors implementable by the programmable device in connection with the current authentication, whether the programmable device is an approved device for the secure network, and whether the programmable device is attempting to access the secure network via a physical communication mechanism;
- determine, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user;
- determine, based on the identity data, the number of authentication factors indicated by the contextual data, and the one or more patterns, a risk level associated with the current authentication of the user;
- access the secure network in response to the determined risk level satisfying a threshold;
- request additional identity data in response to the determined risk level not satisfying the threshold; and
- determine whether to permit access to the secure network based on the current authentication and the additional identity data.
Abstract
Context-based authentication in a secure network comprised of multiple interconnected programmable devices is described. One technique includes receiving, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access a secure network. The user is associated with the programmable device. The technique may include determining, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user. Furthermore, a risk level associated with the current authentication of the user may be determined based on the identity data, the contextual data, and the one or more patterns. In at least one scenario, access is granted to the secure network in response to the determined risk level. Other advantages and embodiments are described.
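The decision flow the abstract and claims describe (patterns from context, a risk level, a threshold check, then a step-up request) can be sketched as follows. This is an added example, not code from the patent; the weights, the threshold, the `location` and `hour` fields, and every function name are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Context:
    factors: int           # authentication factors the device can perform
    approved_device: bool  # device is approved for the secure network
    physical_link: bool    # access attempted over a physical mechanism
    location: str          # assumed extra context, not named in the claims
    hour: int              # assumed extra context, local hour 0-23

# Assumed weights and threshold; the patent text gives no numbers.
PATTERN_WEIGHTS = {"unapproved_device": 25, "non_physical_link": 10,
                   "no_history": 30, "new_location": 25, "unusual_hour": 15}
FACTOR_RISK = {0: 60, 1: 40, 2: 20}   # three or more factors add nothing
PRIVILEGED = {"root-admin"}           # constructed identity data
THRESHOLD = 40

def find_patterns(ctx, past):
    """Derive patterns from the contextual data and the user's past logins."""
    found = set()
    if not ctx.approved_device:
        found.add("unapproved_device")
    if not ctx.physical_link:
        found.add("non_physical_link")
    if not past:
        return found | {"no_history"}
    if ctx.location not in {p.location for p in past}:
        found.add("new_location")
    # Circular distance so 23:00 and 01:00 count as two hours apart.
    gaps = [min(abs(ctx.hour - p.hour), 24 - abs(ctx.hour - p.hour)) for p in past]
    if min(gaps) > 3:
        found.add("unusual_hour")
    return found

def risk_level(user, factors, found):
    """Risk from identity data, factor count and patterns (higher is riskier)."""
    score = FACTOR_RISK.get(factors, 0) + sum(PATTERN_WEIGHTS[p] for p in found)
    return score + (15 if user in PRIVILEGED else 0)

def authenticate(user, ctx, history, request_extra):
    """Permit when risk satisfies the threshold, else step up and re-decide."""
    found = find_patterns(ctx, history.get(user, []))
    risk = risk_level(user, ctx.factors, found)
    if risk <= THRESHOLD:
        return "permit", risk, found
    # request_extra is a caller-supplied callback that collects and verifies
    # the additional identity data (for example a second factor).
    verified = request_extra(user)
    return ("permit_after_step_up" if verified else "deny"), risk, found

# Constructed sample history: one earlier login per user.
SAMPLE_HISTORY = {"alice": [Context(2, True, True, "HQ", 9)]}
```

Here "satisfying the threshold" is read as the risk score being at or below it; a deployment that scores trust instead of risk would invert the comparison.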
19 Claims
1. A machine readable storage device or storage disk comprising instructions that, when executed, cause a machine for context-based authentication in a secure network including multiple interconnected programmable devices to at least:
- obtain, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access the secure network, the user being associated with the programmable device, the contextual data indicating a number of authentication factors implementable by the programmable device in connection with the current authentication, whether the programmable device is an approved device for the secure network, and whether the programmable device is attempting to access the secure network via a physical communication mechanism;
- determine, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user;
- determine, based on the identity data, the number of authentication factors indicated by the contextual data, and the one or more patterns, a risk level associated with the current authentication of the user;
- access the secure network in response to the determined risk level satisfying a threshold;
- request additional identity data in response to the determined risk level not satisfying the threshold; and
- determine whether to permit access to the secure network based on the current authentication and the additional identity data.
Dependent claims: 2, 3, 4, 5, 6
7. A method for context-based authentication in a secure network including multiple interconnected programmable devices, the method comprising:
- obtaining, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access the secure network, the user being associated with the programmable device, the contextual data indicating a number of authentication factors implementable by the programmable device in connection with the current authentication, whether the programmable device is an approved device for the secure network, and whether the programmable device is attempting to access the secure network via a physical communication mechanism;
- determining, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user;
- determining, based on the identity data, the number of authentication factors indicated by the contextual data, and the one or more patterns, a risk level associated with the current authentication of the user;
- permitting access to the secure network in response to one or more processors determining the determined risk level satisfies a threshold;
- requesting additional identity data in response to the one or more processors determining the determined risk level does not satisfy the threshold; and
- determining whether to permit access to the secure network based on the current authentication and the additional identity data.
Dependent claims: 8, 9, 10, 11, 12
13. A system for context-based authentication in a secure network including multiple interconnected programmable devices, the system comprising:
- one or more processors; and
- a memory including instructions that, when executed, cause the one or more processors to:
- access identity data and contextual data associated with a current authentication of a user attempting to access the secure network with a programmable device of the multiple interconnected programmable devices, the contextual data indicating a number of authentication factors implementable by the programmable device in connection with the current authentication, whether the programmable device is an approved device for the secure network, and whether the programmable device is attempting to access the secure network via a physical communication mechanism;
- determine, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user;
- determine, based on the identity data, the number of authentication factors indicated by the contextual data, and the one or more patterns, a risk level associated with the current authentication of the user;
- permit access to the secure network in response to the determined risk level satisfying a threshold;
- request additional identity data in response to the determined risk level not satisfying the threshold; and
- determine whether to permit access to the secure network based on the current authentication and the additional identity data.
Dependent claims: 14, 15, 16, 17, 18, 19
Specification