Context Sensitive Dynamic Authentication in A Cryptographic System
Abstract
A system for performing authentication of a first user to a second user includes the ability for the first user to submit multiple instances of authentication data which are evaluated and then used to generate an overall level of confidence in the claimed identity of the first user. The individual authentication instances are evaluated based upon: the degree of match between the data provided by the first user during the authentication and the data provided by the first user during his enrollment; the inherent reliability of the authentication technique being used; the circumstances surrounding the generation of the authentication data by the first user; and the circumstances surrounding the generation of the enrollment data by the first user. This confidence level is compared with a required trust level which is based at least in part upon the requirements of the second user, and the authentication result is based upon this comparison.
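The evaluation the abstract describes, sketched as an added example (not code from the patent or its assignee): each authentication instance is scored from its degree of match, the reliability of its technique, and the circumstances of the attempt and of enrollment, and the combined confidence is compared with a required trust level. The reliability values, the 0-to-1 scales, the multiplicative scoring and the noisy-OR combination are assumptions; the page does not specify them.

```python
from dataclasses import dataclass

# Assumed reliability of each technique on a 0..1 scale (illustrative values).
RELIABILITY = {"password": 0.60, "totp": 0.85, "fingerprint": 0.95}


@dataclass
class Instance:
    technique: str
    match: float           # degree of match against enrollment data
    auth_context: float    # circumstances of this attempt (known device, network)
    enroll_context: float  # circumstances of enrollment (in person vs. remote)


def _unit(x: float) -> float:
    """Clamp a factor to [0, 1] so a bad input cannot inflate the score."""
    return max(0.0, min(1.0, x))


def instance_confidence(i: Instance) -> float:
    # An unknown technique has no defined reliability and contributes nothing.
    reliability = RELIABILITY.get(i.technique, 0.0)
    return (reliability * _unit(i.match)
            * _unit(i.auth_context) * _unit(i.enroll_context))


def overall_confidence(instances: list[Instance]) -> float:
    # Noisy-OR: probability that at least one instance is genuine, treating
    # the instances as independent (an assumption; correlated factors, such
    # as two secrets stored on one stolen device, overstate the result).
    miss = 1.0
    for i in instances:
        miss *= 1.0 - instance_confidence(i)
    return 1.0 - miss


def authenticate(instances: list[Instance], required_trust: float):
    """Return (granted, confidence); no instances means confidence 0."""
    confidence = overall_confidence(instances)
    return confidence >= required_trust, confidence


if __name__ == "__main__":
    # Constructed sample data: the same credentials from a familiar and an
    # unfamiliar context, checked against a high required trust level.
    for ctx in (0.9, 0.4):
        attempt = [Instance("password", 1.0, ctx, 1.0),
                   Instance("totp", 1.0, ctx, 1.0)]
        print(ctx, authenticate(attempt, required_trust=0.85))
```

With these assumed weights, a correct password and one-time code clear a 0.85 requirement from a familiar context but not from an unfamiliar one.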
42 Claims
1. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
- obtaining user data from a user during an authentication attempt;
- obtaining circumstantial data associated with the authentication attempt; and
- determining a level of trust associated with the authentication attempt based on the comparison of the circumstantial data with previously stored data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system for graded authentication comprising user data obtained from a user during at least one previously successful authentication attempt, circumstantial data associated with the at least one previously successful authentication attempt, and a trust engine which generates a level of trust associated with a current authentication attempt based on the comparison of circumstantial data associated with the current authentication attempt with the circumstantial data associated with the at least one previously successful authentication attempt.
17. A method for authenticating a user comprising:
- obtaining user data associated with an authentication operation;
- obtaining metadata related to the authentication operation;
- comparing the metadata with previously stored data; and
- determining a level of trust associated with the authentication operation.
Dependent claims: 18, 19, 20, 21, 22, 23, 24
25. A method for authenticating a user comprising:
- obtaining user data associated with an authentication operation;
- obtaining metadata related to the authentication operation; and
- determining a level of trust associated with the authentication operation based on the metadata.
Dependent claims: 26, 27, 28, 29
30. A method for grading an authentication operation that relies on a variable set of authentication techniques to obtain authentication data, the method comprising:
- defining the reliability of a set of authentication techniques that may be used in an authentication operation;
- receiving authentication data during an authentication operation, said authentication data generated using a subset of the authentication techniques;
- determining the acceptability of the authentication data generated by each of the subset of authentication techniques; and
- defining the level of trust of the authentication operation based upon the acceptability of the authentication data and based upon the reliability of the authentication techniques used in generating the authentication data.
Dependent claims: 31, 32, 33
34. An apparatus for evaluating an authentication attempt comprising:
- reliability data associated with a set of authentication techniques that may be used in an authentication attempt;
- a plurality of authentication instances generated using a subset of the authentication techniques; and
- a trust engine which determines a level of match associated with each authentication instance and assigns a level of trust for the authentication attempt based upon the level of match associated with each authentication instance and the reliability of the technique used in each authentication instance.
Dependent claims: 35
36. An apparatus as in claim wherein the trust engine further assigns a result for the authentication based upon a comparison of the level of trust associated with the authentication attempt and the required level of trust.
37. An apparatus as in claim wherein the required level of trust is determined by the trust engine based upon the risk associated with a successful authentication.
38. A method for grading an authentication attempt comprising:
- defining the reliability of a set of authentication techniques that may be used in an authentication attempt;
- receiving a plurality of authentication instances generated using a subset of the authentication techniques;
- determining a level of match associated with each authentication instance; and
- defining a level of trust of the authentication attempt based upon the level of match associated with each authentication instance and based upon the reliability of the technique used in each authentication instance.
Dependent claims: 39, 40, 41, 42
Specification