Granular authorization for network user sessions
Abstract
Access is granted to a mobile user session so that access to network resources more closely corresponds to the trustworthiness of the authentication methods and devices associated with the mobile user session. Characteristics of authentication methods associated with a mobile user session are synthesized to generate an authentication bundle. Characteristics may include data associated with passwords, biometric data, or devices used to execute an authentication method. By synthesizing characteristics in varied manners, a non-binary sliding scale of access to network resources may be generated. An authentication bundle may be accessed to grant a mobile user session appropriate access to network resources. Granting access may include generating an authorization token that is passed to a filter or reverse proxy. Access to network resources may be dynamically modified as authentication methods associated with a mobile user session change.
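The flow the abstract describes, as an added sketch that is not taken from the patent: characteristics are synthesized into a bundle, the bundle maps to a graded set of resources, and a signed token carries the result to a reverse proxy. The weights, resource tiers, HMAC token format and all names below are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Assumed scoring: the abstract names passwords, biometric data and devices as
# characteristics but gives no scheme, so these numbers are illustrative only.
METHOD_WEIGHT = {"password": 1, "otp": 2, "biometric": 3}
DEVICE_WEIGHT = {"unknown": 0, "personal": 1, "managed": 2}
# Hypothetical resource tiers: (minimum score, resource name).
TIERS = [(0, "public"), (2, "email"), (4, "intranet"), (6, "finance")]
PROXY_KEY = b"constructed-demo-key"  # assumed secret shared with the proxy

@dataclass(frozen=True)
class AuthMethod:
    kind: str    # e.g. "password", "biometric"
    device: str  # security class of the device that executed the method

def synthesize(methods):
    """Synthesize method characteristics into an authentication bundle."""
    if not methods:
        return {"score": 0, "resources": []}  # no authentication, no access
    # Distinct method kinds add up; the least trusted device limits the bonus.
    score = sum(METHOD_WEIGHT.get(k, 0) for k in {m.kind for m in methods})
    score += min(DEVICE_WEIGHT.get(m.device, 0) for m in methods)
    return {"score": score,
            "resources": [name for need, name in TIERS if score >= need]}

def issue_token(session_id, bundle):
    """Authorization token for the proxy: JSON body plus HMAC-SHA256 tag."""
    body = json.dumps({"sid": session_id, **bundle}, sort_keys=True).encode()
    return body, hmac.new(PROXY_KEY, body, hashlib.sha256).hexdigest()

def proxy_allows(token, resource):
    """Reverse-proxy side: verify the tag, then check the granted resources."""
    body, tag = token
    expected = hmac.new(PROXY_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False  # tampered or forged token
    return resource in json.loads(body)["resources"]

def reauthorize(session_id, methods):
    """Re-run synthesis whenever the session's authentication methods change."""
    return issue_token(session_id, synthesize(methods))
```

Calling `reauthorize` again after a method is added or dropped yields a token with a different resource list, which is how the sliding scale follows the session.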
43 Claims
1. In a computing device including a security module that may grant a user session access to network resources, a method for granting a mobile user session access to network resources depending on one or more authentication methods and the security of one or more devices associated with the mobile user session so as to grant access that corresponds to the trustworthiness of the associated authentication methods and devices, the method comprising:
an act of accessing characteristics of one or more authentication methods associated with the mobile user session; and
an act of generating an authentication bundle representative of access to network resources by synthesizing the accessed characteristics, wherein the authentication bundle may be used to grant the mobile user session access to network resources.
Dependent claims: 2-27.

28. In a computing device including an access granting module that may grant a user session access to network resources, a method for granting a mobile user session access to network resources depending on one or more authentication methods and the security of one or more devices associated with the mobile user session so as to grant access that corresponds to the trustworthiness of the associated authentication methods and devices, the method comprising:
an act of accessing an authentication bundle, the authentication bundle having been generated by synthesizing characteristics of one or more authentication methods associated with the mobile user session; and
an act of granting access to network resources, wherein the extent of access may differ depending on the characteristics.
Dependent claims: 29-39.

40. A computer program product for implementing, in a computing device including a security module that may grant a user session access to network resources, a method for granting a mobile user session access to network resources depending on one or more authentication methods and the security of one or more devices so as to grant access that corresponds to the trustworthiness of the associated authentication methods and devices, the computer program product comprising:
a computer-readable medium carrying computer-executable instructions, that when executed at the computing device, cause the computing device to perform the method, including:
an act of accessing characteristics of one or more authentication methods associated with the mobile user session; and
an act of generating an authentication bundle representative of access to network resources by synthesizing accessed characteristics.
Dependent claim: 41.

42. A computer program product for implementing, in a computing device including a security module that may grant a user session access to network resources, a method for granting a mobile user session access to network resources depending on one or more authentication methods and the security of one or more devices so as to grant access that corresponds to the trustworthiness of the associated authentication methods and devices, the computer program product comprising:
a computer-readable medium carrying computer-executable instructions, that when executed at the computing device, cause the computing device to perform the method, including:
an act of accessing an authentication bundle, the authentication bundle having been generated by synthesizing characteristics of one or more authentication methods associated with the mobile user session; and
an act of granting access to network resources, wherein the extent of access may differ depending on the characteristics.
Dependent claim: 43.

Specification