Systems and methods for event-based authentication
First Claim
1. A method of dynamic event-based authentication comprising, by a computer system:
- receiving a request to authenticate a user of a user device currently accessing an enterprise computing system;
determining an authentication context of the request, the authentication context identifying at least the user device and a current physical location of the user device;
dynamically selecting an authentication template, from among a plurality of stored authentication templates, based, at least part, on a discrete level of security deemed warranted by the authentication context;
wherein the plurality of stored authentication templates each specify one or more user-initiated event types in combination with one or more corresponding user-initiated event requests;
responsive to the request, selecting a set of previous user-initiated events of the user on the enterprise computing platform based, at least part, on the specified one or more user-initiated event types of the dynamically selected authentication template, the previous user-initiated events each relating to a discrete user action with respect to a resource on the enterprise computing system;
accessing user-specific event information related to the selected set of previous user-initiated events, wherein the user-specific event information corresponds to a field of at least one of the one or more corresponding user-initiated event requests of the selected authentication template;
generating, from at least a portion of the user-specific event information, a user-specific authentication sequence comprising a plurality of event-information requests that conform to the one or more corresponding user-initiated event requests of the authentication template; and
administering the user-specific authentication sequence to the user, the administering comprising requiring the user to provide a valid response to each of the plurality of event-information requests as a precondition to successful authentication.
22 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a method is performed by a computer system. The method includes receiving a request to authenticate a user of an enterprise computing system. The method further includes, responsive to the request, selecting a set of previous user-initiated events of the user on the enterprise computing platform. Further, the method includes accessing user-specific event information related to the selected set of previous user-initiated events. In addition, the method includes generating, from at least a portion of the user-specific event information, a user-specific authentication sequence comprising a plurality of event-information requests. Additionally, the method includes administering the user-specific authentication sequence to the user, the administering comprising requiring the user to provide a valid response to each of the event-information requests as a precondition to successful authentication.
404 Citations
14 Claims
-
1. A method of dynamic event-based authentication comprising, by a computer system:
-
receiving a request to authenticate a user of a user device currently accessing an enterprise computing system; determining an authentication context of the request, the authentication context identifying at least the user device and a current physical location of the user device; dynamically selecting an authentication template, from among a plurality of stored authentication templates, based, at least part, on a discrete level of security deemed warranted by the authentication context; wherein the plurality of stored authentication templates each specify one or more user-initiated event types in combination with one or more corresponding user-initiated event requests; responsive to the request, selecting a set of previous user-initiated events of the user on the enterprise computing platform based, at least part, on the specified one or more user-initiated event types of the dynamically selected authentication template, the previous user-initiated events each relating to a discrete user action with respect to a resource on the enterprise computing system; accessing user-specific event information related to the selected set of previous user-initiated events, wherein the user-specific event information corresponds to a field of at least one of the one or more corresponding user-initiated event requests of the selected authentication template; generating, from at least a portion of the user-specific event information, a user-specific authentication sequence comprising a plurality of event-information requests that conform to the one or more corresponding user-initiated event requests of the authentication template; and administering the user-specific authentication sequence to the user, the administering comprising requiring the user to provide a valid response to each of the plurality of event-information requests as a precondition to successful authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An information handling system comprising a processor and memory, wherein the processor and memory in combination are operable to implement a method comprising:
-
receiving a request to authenticate a user of a user device currently accessing an enterprise computing system; determining an authentication context of the request, the authentication context identifying at least the user device and a current physical location of the user device; dynamically selecting an authentication template, from among a plurality of stored authentication templates, based, at least part, on a discrete level of security deemed warranted by the authentication context; wherein the plurality of stored authentication templates each specify one or more user-initiated event types in combination with one or more corresponding user-initiated event requests; responsive to the request, selecting a set of previous user-initiated events of the user on the enterprise computing platform based, at least part, on the specified one or more user-initiated event types of the dynamically selected authentication template, the previous user-initiated events each relating to a discrete user action with respect to a resource on the enterprise computing system; accessing user-specific event information related to the selected set of previous user-initiated events, wherein the user-specific event information corresponds to a field of at least one of the one or more corresponding user-initiated event requests of the selected authentication template; generating, from at least a portion of the user-specific event information, a user-specific authentication sequence comprising a plurality of event-information requests that conform to the one or more corresponding user-initiated event requests of the authentication template; and administering the user-specific authentication sequence to the user, the administering comprising requiring the user to provide a valid response to each of the plurality of event-information requests as a precondition to successful authentication. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer-program product comprising a non-transitory computer-usable medium having computer-readable program code embodied therein, the computer-readable program code adapted to be executed to implement a method comprising:
-
receiving a request to authenticate a user of a user device currently accessing an enterprise computing system; determining an authentication context of the request, the authentication context identifying at least the user device and a current physical location of the user device; dynamically selecting an authentication template, from among a plurality of stored authentication templates, based, at least part, on a discrete level of security deemed warranted by the authentication context; wherein the plurality of stored authentication templates each specify one or more user-initiated event types in combination with one or more corresponding user-initiated event requests; responsive to the request, selecting a set of previous user-initiated events of the user on the enterprise computing platform based, at least part, on the specified one or more user-initiated event types of the dynamically selected authentication template, the previous user-initiated events each relating to a discrete user action with respect to a resource on the enterprise computing system; accessing user-specific event information related to the selected set of previous user-initiated events, wherein the user-specific event information corresponds to a field of at least one of the one or more corresponding user-initiated event requests of the selected authentication template; generating, from at least a portion of the user-specific event information, a user-specific authentication sequence comprising a plurality of event-information requests that conform to the one or more corresponding user-initiated event requests of the authentication template; and administering the user-specific authentication sequence to the user, the administering comprising requiring the user to provide a valid response to each of the plurality of event-information requests as a precondition to successful authentication.
-
Specification