IMPLICIT AUTHENTICATION

US 20110016534A1
Filed: 07/16/2009
Published: 01/20/2011
Est. Priority Date: 07/16/2009
Status: Active Grant

First Claim

Patent Images

1. A method for implicitly authenticating a user to access a controlled resource, the method comprising:

receiving a request to access the controlled resource;

determining a user behavior score based at least on a user behavior model derived from historical contextual data of a user, and recent contextual data of the user collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication,wherein the user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern,wherein the recent contextual data comprise a plurality of data streams which provide basis for the determination of the user behavior score, andwherein a data stream alone provides insufficient basis for the determination of the user behavior score; and

providing the user behavior score to an access controller of the controlled resource, thereby making an authentication decision derived from the user behavior score for the user to access the controlled resource based at least on the user behavior score.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.

357 Citations

27 Claims

1. A method for implicitly authenticating a user to access a controlled resource, the method comprising:
- receiving a request to access the controlled resource;
  
  determining a user behavior score based at least on a user behavior model derived from historical contextual data of a user, and recent contextual data of the user collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication,wherein the user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern,wherein the recent contextual data comprise a plurality of data streams which provide basis for the determination of the user behavior score, andwherein a data stream alone provides insufficient basis for the determination of the user behavior score; and
  
  providing the user behavior score to an access controller of the controlled resource, thereby making an authentication decision derived from the user behavior score for the user to access the controlled resource based at least on the user behavior score.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - collecting contextual data of the user periodically from one or more user devices; and
      
      updating the user behavior model based on the collected contextual data of the user.
  - 3. The method of claim 2, further comprising:
    - determining an action based on the user behavior score, wherein the action includes a demand for a further authentication.
  - 4. The method of claim 2, further comprising:
    - determining that the user behavior score is higher than a predetermined threshold value; and
      
      authenticating the user to access the controlled resource using the authentication decision derived from the user behavior score.
  - 5. The method of claim 2, wherein the authentication decision derived from the user behavior score is used to increase or decrease an assurance associated with another form of authentication.
  - 6. The method of claim 1, wherein determining the user behavior score comprises:
    - observing the recent event associated with the recent contextual data of the user;
      
      calculating a quality measure associated with the recent event;
      
      calculating a weight associated with the type of observation;
      
      determining that the observed recent event is consistent with the user behavior model; and
      
      increasing or decreasing the user behavior score based on the quality measure and the weight.
  - 7. The method of claim 1, further comprising collecting the contextual data with a number of measurements, wherein the user behavior model describes the past user behavior pattern by a combination of one or more measurements.
  - 8. The method of claim 1, wherein the recent contextual data of the user comprise data from at least one of the following sources:
    - device data that are available on a user device;
      
      carrier data that are available to a network carrier; and
      
      third-party provider data that are available to a third-party provider providing an application to the user.
  - 9. The method of claim 1, wherein the recent contextual data of the user comprise one or more of:
    - GPS data, accelerometer data, voice data, sensor data, application usage data, web browser data, authentication attempts, connection attempts, network traffic pattern, DNS requests, typing pattern, biometric data, social group membership information, and user demographics data.
  - 10. The method of claim 1, wherein the user behavior model is stored in a user model look-up table, the look-up table comprising:
    - historical information on whether a condition is satisfied; and
      
      information on a plurality of events, each event being associated with a probability distribution and a scoring distribution.
  - 11. The method of claim 1, further comprising collecting the historical contextual data via one or more of a survey of contextual information about the user entered by a representative of the user, an accumulation of periodically transmitted contextual data of the user from one or more devices, oran inheritance of the contextual information about the user from another device associated with the user.
  - 12. The method of claim 1, further comprising deriving the user behavior model from a second user behavior model of a group of users sharing similar characteristics.
  - 13. The method of claim 1,wherein the recent event belongs to one of a plurality of categories, the plurality of categories comprising one or more of:
    - a very positive event, a positive event, a neutral event, a negative event, and a very negative event; and
      
      wherein the determination of increasing or decreasing the user behavior score and the amount of increment or decrement are associated with the category to which the recent event belongs.

14. A system for implicitly authenticating a user to access a controlled resource, the system comprising:
- a user access request receiver configured to receive a request to access the controlled resource;
  
  a behavioral score grader configured to determine a user behavior score based at least on a user behavior model derived from historical contextual data of a user, and recent contextual data of the user collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication,wherein the user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern,wherein the recent contextual data comprise a plurality of data streams which provide basis for the determination of the user behavior score, andwherein a data stream alone provides insufficient basis for the determination of the user behavior score; and
  
  an authentication information provision mechanism configured to provide the user behavior score to an access controller of the controlled resource, thereby making an authentication decision derived from the user behavior score for the user to access the controlled resource based at least on the user behavior score.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The system of claim 14, further comprising:
    - a contextual data collector configured to collect contextual data of the user periodically from one or more user devices; and
      
      a user behavior modeler configured to update the user behavior model based on the collected contextual data of the user.
  - 16. The system of claim 15, further comprising:
    - a determining mechanism configured to determine an action based on the user behavior score, wherein the action includes a demand for a further authentication.
  - 17. The system of claim 15, further comprising:
    - a determining mechanism configured to determine that the user behavior score is higher than a predetermined threshold value; and
      
      an implicit authenticator configured to authenticate the user to access the controlled resource using the authentication decision derived from the user behavior score.
  - 18. The system of claim 15, wherein the authentication decision derived from the user behavior score is used to increase or decrease an assurance associated with another form of authentication.
  - 19. The system of claim 14, wherein the determining mechanism is further configured to:
    - observe the recent event associated with the recent contextual data of the user;
      
      calculate a quality measure associated with the recent event;
      
      calculate a weight associated with the type of observation;
      
      determine that the observed recent event is consistent with the user behavior model; and
      
      increase or decrease the user behavior score based on the quality measure and the weight.
  - 20. The system of claim 14, further comprising a contextual data collector configured to collect the contextual data with a number of measurements, wherein the user behavior model describes the past user behavior pattern by a combination of one or more measurements.
  - 21. The system of claim 14, wherein the recent contextual data of the user comprise data from at least one of the following sources:
    - device data that are available on a user device;
      
      carrier data that are available to a network carrier; and
      
      third-party provider data that are available to a third-party provider providing an application to the user.
  - 22. The system of claim 14, wherein the recent contextual data of the user comprise one or more of:
    - GPS data, accelerometer data, voice data, sensor data, application usage data, web browser data, authentication attempts, connection attempts, network traffic pattern, DNS requests, typing pattern, biometric data, social group membership information, and user demographics data.
  - 23. The system of claim 14, wherein the user behavior model is stored in a user model look-up table, the look-up table comprising:
    - historical information on whether a condition is satisfied; and
      
      information on a plurality of events, each event being associated with a probability distribution and a scoring distribution.
  - 24. The system of claim 14, further comprising a contextual data collector configured to collect the historical contextual data via one or more of a survey of contextual information about the user entered by a representative of the user, an accumulation of periodically transmitted contextual data of the user from one or more devices, oran inheritance of the contextual information about the user from another device associated with the user.
  - 25. The system of claim 14, further comprising a model-deriving mechanism configured to derive the user behavior model from a second user behavior model of a group of users sharing similar characteristics
  - 26. The system of claim 14,wherein the recent event belongs to one of a plurality of categories, the plurality of categories comprising one or more of:
    - a very positive event, a positive event, a neutral event, a negative event, and a very negative event; and
      
      wherein the determination of increasing or decreasing the user behavior score and the amount of increment or decrement are associated with the category to which the recent event belongs.

27. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for implicitly authenticating a user to access a controlled resource, the method comprising:
- receiving a request to access the controlled resource;
  
  determining a user behavior score based at least on a user behavior model derived from historical contextual data of a user, and recent contextual data of the user collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication,wherein the user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern,wherein the recent contextual data comprise a plurality of data streams which provide basis for the determination of the user behavior score, andwherein a data stream alone provides insufficient basis for the determination of the user behavior score; and
  
  providing the user behavior score to an access controller of the controlled resource, thereby making an authentication decision derived from the user behavior score for the user to access the controlled resource based at least on the user behavior score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Palo Alto Research Center, Inc. (Xerox Holdings Corp.)
Inventors
Grandcolas, Mark J., Shi, Runting, Chow, Richard, Jakobsson, Bjorn Markus, Golle, Philippe J. P.

Granted Patent

US 8,312,157 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/28
CPC Class Codes

G06F 21/316   by observing the pattern of...

H04L 63/0892   by using authentication-aut...

H04L 63/102   Entity profiles

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

IMPLICIT AUTHENTICATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

357 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

IMPLICIT AUTHENTICATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

357 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others