AUTHENTICATION SEQUENCING BASED ON NORMALIZED LEVELS OF ASSURANCE OF IDENTITY SERVICES
First Claim
1. A method comprising:
identifying a first authentication associated with a user;
assigning a level of assurance value to the user based on the first authentication;
determining if the user is associated with a second authentication;
incrementing, if the user is associated with the second authentication, the level of assurance value assigned to the user; and
allowing, by a processing device, access to an application by the user if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application.
Abstract
An authentication sequencing and normalization module may receive a first authentication associated with a user and assign a level of assurance value to the user based on the first authentication from a first identity service of a specific type. If the user is associated with a second authentication, based on a second identity service of an alternate type, then the level of assurance value assigned to the user may be incremented. Furthermore, access to an application by the user may be allowed if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application. Different users may be authenticated in the authentication sequencing and normalization module by disparate identity services.
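The sequencing described in the abstract, as an added sketch that is not part of the patent text. The service types, their base level of assurance values, the increment of 1, the fail-closed defaults and all names are assumptions chosen for illustration, and "alternate type" is read here as "a type different from the first authentication".

```python
from dataclasses import dataclass

# Assumed normalization table: identity-service type -> base LoA value.
# The page gives no concrete values; these are illustrative.
BASE_LOA = {"password": 1, "otp": 2, "x509": 3}
STEP = 1  # assumed increment for a second authentication of an alternate type


@dataclass(frozen=True)
class Authentication:
    user: str
    service_type: str  # type of the identity service that vouched for the user


def assurance_level(user, authentications):
    """Base LoA from the user's first authentication, incremented once if a
    second authentication from a different service type is present."""
    mine = [a for a in authentications if a.user == user]
    if not mine or mine[0].service_type not in BASE_LOA:
        return 0  # assumption: unknown user or unknown service type gets no assurance
    level = BASE_LOA[mine[0].service_type]
    for second in mine[1:]:
        # A repeat of the same service type adds no assurance.
        if second.service_type in BASE_LOA and second.service_type != mine[0].service_type:
            return level + STEP
    return level


def allow_access(user, app, authentications, policy):
    """Allow only if the user's LoA meets or exceeds the application's policy LoA."""
    required = policy.get(app)
    if required is None:
        return False  # assumption: applications without a policy are denied
    return assurance_level(user, authentications) >= required


# Constructed sample data: three users authenticated by disparate identity services.
SESSION = [
    Authentication("alice", "password"), Authentication("alice", "otp"),
    Authentication("bob", "x509"),
    Authentication("carol", "password"), Authentication("carol", "password"),
]
POLICY = {"wiki": 1, "payroll": 2, "hsm-admin": 4}

if __name__ == "__main__":
    for user in ("alice", "bob", "carol"):
        print(user, assurance_level(user, SESSION),
              {app: allow_access(user, app, SESSION, POLICY) for app in POLICY})
```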
20 Claims
1. A method comprising:
identifying a first authentication associated with a user;
assigning a level of assurance value to the user based on the first authentication;
determining if the user is associated with a second authentication;
incrementing, if the user is associated with the second authentication, the level of assurance value assigned to the user; and
allowing, by a processing device, access to an application by the user if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A system comprising:
a memory; and
a processing device coupled with the memory to:
identify a first authentication associated with a user;
assign a level of assurance value to the user based on the first authentication;
determine if the user is associated with a second authentication;
increment, if the user is associated with the second authentication, the level of assurance value assigned to the user; and
allow access to an application by the user if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer readable storage medium including instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
identifying a first authentication associated with a user;
assigning a level of assurance value to the user based on the first authentication;
determining if the user is associated with a second authentication;
incrementing, if the user is associated with the second authentication, the level of assurance value assigned to the user; and
allowing access to an application by the user if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application.
Dependent claims: 16, 17, 18, 19, 20
Specification