GLOBALLY AWARE AUTHENTICATION SYSTEM
First Claim
1. A method for computer-system authentication monitoring that can detect and report a response to both global unauthorized computer-access threats across independent, external networks and local unauthorized computer-access threats at a local network, while remaining transparent to individual users of the local network, the method comprising:
- receiving input data, wherein the input data includes;
statistical information on authorized and unauthorized computer-access at the local network, wherein the statistical information includes both historical computer-access patterns and current computer-access attempts at the local network;
externally received information on potential and actual security threats at one or more of the independent, external networks; and
administrator-specified access metrics associated with the local network;
analyzing the input data to generate at least one security status parameter based on the analyzed input data, wherein the analysis is configurable by a system administrator associated with the local network;
producing human-readable output including;
alerts to users of the local network, andreports to the system administrator associated with the local network; and
,providing scaled network security responses for at least the local network, wherein the scaled responses provide a higher degree of network access security measures to the users for accessing the local network when the at least one security status parameter indicates a higher network security threat, and a lower degree of network access security measures to the users for accessing the local network when the at least one security status parameter indicates a lower network security threat.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer security monitoring method and system includes receiving input data, wherein the input data includes user account data associated with a user'"'"'s security-related interaction with a particular network, security-related local network data associated with the particular network, and security-related external network data regarding security threats at one or more independent, external networks. The input data is analyzed to generate at least one composite security status score, wherein the analyzing includes an analysis of the user account data based on previously stored data associated with the user account, and an analysis of the security-related local and external network data to adjust the composite security status score when the analysis of the security-related local and external network data indicates an increased security threat. The method and system may produce human-readable output including an alert associated with the at least one composite security status score. Other features are disclosed.
353 Citations
20 Claims
-
1. A method for computer-system authentication monitoring that can detect and report a response to both global unauthorized computer-access threats across independent, external networks and local unauthorized computer-access threats at a local network, while remaining transparent to individual users of the local network, the method comprising:
-
receiving input data, wherein the input data includes; statistical information on authorized and unauthorized computer-access at the local network, wherein the statistical information includes both historical computer-access patterns and current computer-access attempts at the local network; externally received information on potential and actual security threats at one or more of the independent, external networks; and administrator-specified access metrics associated with the local network; analyzing the input data to generate at least one security status parameter based on the analyzed input data, wherein the analysis is configurable by a system administrator associated with the local network; producing human-readable output including; alerts to users of the local network, and reports to the system administrator associated with the local network; and
,providing scaled network security responses for at least the local network, wherein the scaled responses provide a higher degree of network access security measures to the users for accessing the local network when the at least one security status parameter indicates a higher network security threat, and a lower degree of network access security measures to the users for accessing the local network when the at least one security status parameter indicates a lower network security threat. - View Dependent Claims (2, 3)
-
-
4. A computer-readable medium storing computer-executable instructions that provide an electronic access authentication monitoring method associated with a specific network, the method comprising:
-
receiving data on authorized and unauthorized access attempts at the specific network, wherein the access attempts data includes both successful and unsuccessful access attempts to the specific network; receiving at least one system administrator-specified value; receiving external information on current, historical, or potential security threats associated with other networks; storing the received data; processing the access attempts data, the administrator-specified value, and the external information based on at least one configurable threshold; and displaying security report information, including notifications and near real-time risk monitoring associated with the processing of the access attempts data, the administrator-specified value, and the external information, wherein at least some of the security report information is provided in a single display to at least a system administrator, and wherein the near real-time risk monitoring includes a display of a measure of a present security risk to the specific network. - View Dependent Claims (5, 6, 7, 8, 9, 10)
-
-
11. A computer security monitoring method, comprising:
-
receiving input data, wherein the input data includes; user account data associated with a security-related interaction with a particular local network, and, security-related network data regarding security threats at the particular local network or at one or more independent, external networks; analyzing the input data to generate at least one composite security status score, wherein the analyzing includes an analysis of the user account data based on previously stored data associated with the user account, and an analysis of the security-related local or external network data to adjust the composite security status score when the analysis of the security-related local or external network data indicates an increased security threat; producing human-readable output including; an alert associated with the at least one composite security status score. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer security system, comprising:
-
input means for receiving input data, wherein the input data includes; user account data associated with a security-related interaction with a particular network, security-related local network data associated with the particular network, and, security-related external network data regarding security threats at one or more independent, external networks; processing, coupled to the input means, means for processing the input data to generate a security status score, wherein the means for processing includes means for analyzing the user account data based on previously stored data associated with the user account, and for analyzing the security-related local and external network data to adjust the composite security status score when the analysis of the security-related local and external network data indicates an increased security threat; and output means, coupled to the processing means, for producing human-readable output including human-readable output associated with the at least one composite security status score.
-
Specification