AUTHENTICATING USER SESSIONS BASED ON REPUTATION OF USER LOCATIONS
First Claim
1. A computer implemented method for authenticating a user session, the method comprising:
- receiving a request for creating a session from a computing device;
identifying a location associated with the computing device originating the request;
receiving a measure of reputation of the location, wherein the measure of reputation of the location is determined based at least in part on statistical information for a set of past sessions that originated from the location and were determined to be suspicious;
determining a level of authentication required from the sender of the request based on the measure of reputation of the location; and
sending a request for authentication, wherein the information requested for authentication is determined based on the level of authentication.
2 Assignments
0 Petitions
Accused Products
Abstract
User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.
-
Citations
20 Claims
-
1. A computer implemented method for authenticating a user session, the method comprising:
-
receiving a request for creating a session from a computing device; identifying a location associated with the computing device originating the request; receiving a measure of reputation of the location, wherein the measure of reputation of the location is determined based at least in part on statistical information for a set of past sessions that originated from the location and were determined to be suspicious; determining a level of authentication required from the sender of the request based on the measure of reputation of the location; and sending a request for authentication, wherein the information requested for authentication is determined based on the level of authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer implemented method for determining a measure of reputation of a netblock, the method comprising:
-
receiving information related to a plurality of sessions originating from a location, wherein a session originating from a location is created from device associated with the location; determining a measure of suspiciousness for each session in the plurality of sessions based on actions associated with the session indicating authenticity of the session; determining a measure of reputation of the location based on an aggregate of measures of suspiciousness of sessions originating from the location, wherein the measure of reputation of the location is used to determine the level of authentication required for sessions originating from the location; and storing the determined measure of reputation of the location in a computer readable medium. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A computer program product having a computer-readable storage medium storing computer-executable code for authenticating a user session, the code comprising:
-
a session manager configured to; receive a request for creating a session from a computing device; identify a location associated with the computing device originating the request; receive a measure of reputation of the location, wherein the measure of reputation of the location is determined based at least in part on statistical information for a set of past sessions that originated from the location and were determined to be suspicious; an authentication manager configured to; determine a level of authentication required from the sender of the request based on the measure of reputation of the location; and send a request for authentication, wherein the information requested for authentication is determined based on the level of authentication.
-
-
20. A computer program product having a computer-readable storage medium storing computer-executable code for determining a measure of reputation of a netblock, the method comprising:
a suspicious index manager configured to; receive information related to a plurality of sessions originating from a location, wherein a session originating from a location is created from device associated with the location; determine a measure of suspiciousness for each session in the plurality of sessions based on actions associated with the session indicating authenticity of the session; determine a measure of reputation of the location based on an aggregate of measures of suspiciousness of sessions originating from the location, wherein the measure of reputation of the location is used to determine the level of authentication required for sessions originating from the location; and store the determined measure of reputation of the location in a computer readable medium.
Specification