Adaptive client-aware session security
Abstract
Source information for requests submitted to a system is classified to enable differential handling of requests over a session whose source information changes over the session. For source information (e.g., an IP address) classified as fixed, stronger authentication may be required to fulfill requests when the source information changes during the session. Similarly, for source information classified as dynamic, source information may be allowed to change without requiring the stronger authentication.
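A sketch of the handling the abstract describes, added here as an illustration and not taken from the patent or any implementation of it. The class names, the classification table (built from RFC 5737 documentation ranges), the choice to classify by the session's previous source, and the stricter default for unknown sources are all assumptions.

```python
import ipaddress
from enum import Enum


class SourceClass(Enum):
    FIXED = "fixed"      # address expected to stay constant over a session
    DYNAMIC = "dynamic"  # address expected to rotate (e.g. a carrier NAT pool)


# Constructed classification table; a deployment would build its own.
CLASSIFIED_NETWORKS = [
    (ipaddress.ip_network("192.0.2.0/24"), SourceClass.FIXED),
    (ipaddress.ip_network("198.51.100.0/24"), SourceClass.DYNAMIC),
]


def classify_source(ip: str) -> SourceClass:
    addr = ipaddress.ip_address(ip)
    for network, source_class in CLASSIFIED_NETWORKS:
        if addr in network:
            return source_class
    # Assumption: an unclassified source gets the stricter class.
    return SourceClass.FIXED


class SessionSourcePolicy:
    """Tracks the last accepted source per session identifier."""

    def __init__(self):
        self._last_source = {}

    def evaluate(self, session_id: str, ip: str) -> str:
        previous = self._last_source.get(session_id)
        if previous is None or previous == ip:
            self._last_source[session_id] = ip
            return "allow"
        # Source changed mid-session: decide from the previous source's class.
        if classify_source(previous) is SourceClass.DYNAMIC:
            self._last_source[session_id] = ip
            return "allow"
        # Fixed source changed: keep the old baseline until re-authentication,
        # so repeated requests from the new source keep being challenged.
        return "require_strong_auth"

    def confirm_reauthenticated(self, session_id: str, ip: str) -> None:
        # Call only after the stronger authentication has succeeded.
        self._last_source[session_id] = ip
```

Leaving the baseline unchanged on a challenged request matters: updating it early would let a second request from the new source pass without the stronger authentication.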
206 Citations
17 Claims
1. A computer-implemented method, comprising:
under the control of one or more computer systems configured with executable instructions, receiving a first request associated with an identifier and a first source;
determining, based at least in part on a classification of the first source, that a change from a second source to the first source is indicative of potential malicious activity; and
causing an operation to be performed as a result of determining that the change from the second source to the first source is indicative of potential malicious activity, wherein the operation is initiation of an authentication process.
6. A system, comprising:
one or more processors; and
memory including instructions that, when executed by the one or more processors, cause the system to:
receive a second request associated with an identifier and a second source, the second source different from a first source of a first request associated with the identifier;
determine, based at least in part on a classification of the first source that indicates whether a change from the first source to another source is unexpected, an operation to perform; and
cause the operation to be performed, wherein the instructions that cause the system to determine the operation to perform to protect the system, as a result of execution by the one or more processors, cause the system to select an authentication type from a plurality of authentication types that includes strong authentication and weak authentication.
12. A non-transitory computer-readable storage medium having stored thereon instructions that, as a result of execution by one or more processors, cause a computer system to:
obtain information that specifies a first request source and a second request source;
classify, based at least in part on a classification of the first request source, a change from the first request source to the second request source during a session associated with an identity to determine a classification of the change;
provide the classification of the change; and
receive the classification of the change and determine, based at least in part on the classification of the change, whether to initiate an authentication process.
Specification