Authentication Frequency And Challenge Type Based On Application Usage
First Claim
1. A method comprising:
- presenting a first authentication challenge at a data-processing system at time t1; and
presenting a second authentication challenge at said data-processing system at time t2;
wherein the magnitude of t2-t1 is based on usage of one or more applications of said data-processing system at one or more instants in time interval [t1, t2].
23 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on what software applications a user is running on a data-processing system, and how those applications are being used (e.g., what functions are used, what data is input to or output by the application, how often and for how long applications are used, what input devices and output devices are used, etc.) Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity and/or the potential cost of malicious activity, as inferred from current and past application usage. In addition, the illustrative embodiment enables selection of an authentication challenge type that is less intrusive to a user based on current application usage.
-
Citations
20 Claims
-
1. A method comprising:
-
presenting a first authentication challenge at a data-processing system at time t1; and presenting a second authentication challenge at said data-processing system at time t2; wherein the magnitude of t2-t1 is based on usage of one or more applications of said data-processing system at one or more instants in time interval [t1, t2]. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
- 11. A method comprising generating an authentication challenge whose type is based on usage of one or more applications of a data-processing system.
Specification