Risk Adjusted, Multifactor Authentication
1 Assignment
0 Petitions
Accused Products
Abstract
A computer-implemented method comprising: receiving, from a device used by a user, a request to access a resource hosted by a computer system; identifying, by the computer system, a level of risk associated with the user requesting access to the resource; adjusting, by the computer system an authentication standard for access to the resource, adjusting based on the identified level of risk; determining values for authentication factors used in authenticating the user'"'"'s access to the resource; applying weights to the values for the authentication factors; and determining, based on a comparison of the weighted values to the adjusted authentication standard, whether the user is authorized to access the resource.
148 Citations
38 Claims
-
1-20. -20. (canceled)
-
21. A method comprising:
-
identifying, by a computer system, an authentication standard for access to a resource; determining by the computer system values for authentication factors used in authenticating access to the resource; applying by the computer system a weight to at least one of the values for the authentication factors, with the weight specifying an effectiveness of one authentication factor in authenticating a user relative to effectiveness of other authentication factors in authenticating the user; generating, by the computer system based on the at least one of the weighted values, an authentication score; and determining by the computer system whether the authentication score equals or exceeds the adjusted authentication standard, in order to authenticate access to the resource. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. One or more computer-readable hardware storage devices storing instructions that are executable to cause one or more processing devices to perform operations comprising:
-
identifying an authentication standard for access to a resource; determining values for authentication factors used in authenticating access to the resource; applying a weight to at least one of the values for the authentication factors, with the weight specifying an effectiveness of one authentication factor in authenticating a user relative to effectiveness of other authentication factors in authenticating the user; generating, based on the at least one of the weighted values, an authentication score; and determining whether the authentication score equals or exceeds the adjusted authentication standard, in order to authenticate access to the resource. - View Dependent Claims (28, 29, 30, 31, 32)
-
-
33. An electronic system, comprising:
-
one or more processing devices; and one or more computer-readable hardware storage devices storing instructions that are executable to cause the one or more processing devices to perform operations comprising; identifying an authentication standard for access to a resource; determining values for authentication factors used in authenticating access to the resource; applying a weight to at least one of the values for the authentication factors, with the weight specifying an effectiveness of one authentication factor in authenticating a user relative to effectiveness of other authentication factors in authenticating the user; generating, based on the at least one of the weighted values, an authentication score; and determining whether the authentication score equals or exceeds the adjusted authentication standard, in order to authenticate access to the resource. - View Dependent Claims (34, 35, 36, 37, 38)
-
Specification