AUTHENTICATION FREQUENCY AND CHALLENGE TYPE BASED ON APPLICATION USAGE

US 20150237047A1
Filed: 05/04/2015
Published: 08/20/2015
Est. Priority Date: 11/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

presenting a first authentication challenge at a device at a first time;

determining, via a processor, an authentication type based on one of (i) an identity of an application currently being accessed at the device, (ii) a time duration for which the application is used at the device since the first time, or (iii) input capabilities of the device; and

presenting, at the device at a second time later than the first time, a second authentication challenge of the authentication type.

View all claims

17 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on what software applications a user is running on a data-processing system, and how those applications are being used (e.g., what functions are used, what data is input to or output by the application, how often and for how long applications are used, what input devices and output devices are used, etc.) Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity and/or the potential cost of malicious activity, as inferred from current and past application usage. In addition, the illustrative embodiment enables selection of an authentication challenge type that is less intrusive to a user based on current application usage.

Citations

20 Claims

1. A method comprising:
- presenting a first authentication challenge at a device at a first time;
  
  determining, via a processor, an authentication type based on one of (i) an identity of an application currently being accessed at the device, (ii) a time duration for which the application is used at the device since the first time, or (iii) input capabilities of the device; and
  
  presenting, at the device at a second time later than the first time, a second authentication challenge of the authentication type.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14)
- - 2. The method of claim 1, wherein the determining of the authentication type is further based on prior usage of the application.
  - 3. The method of claim 1, wherein the determining of the authentication type is further based on a function that is used in within the application.
  - 4. The method of claim 1, wherein the determining of the authentication type is further based on an output of the application.
  - 5. The method of claim 1, wherein the determining of the authentication type is based on how input is supplied to the application.
  - 6. The method of claim 1, wherein the determining of the authentication type is further based on how often the application is used.
  - 7. The method of claim 1, wherein the determining of the authentication type is further based on how often a function of the application is used.
  - 8. The method of claim 1, wherein the determining of the authentication type comprises a plurality of successive authentication challenges.
  - 9. The method of claim 8, wherein the plurality of successive authentication challenges comprises authentication challenges of disparate authentication types.
  - 10. The method of claim 1, wherein the authentication type is one of a fingerprint recognition, an iris scan, a retinal scan, a username and password, voice recognition.
  - 12. The system of claim 8, wherein the authentication type is determined further based on prior usage of the application.
  - 13. The system of claim 8, wherein the authentication type is determined further based on a function that is used in within the application.
  - 14. The system of claim 8, wherein the authentication type is determined further based on an output of the application.

11. A system comprising:
- a processor; and
  
  a computer-readable storage medium storing instructions which, when executed by the processor, cause the processor to perform operations comprising;
  
  presenting a first authentication challenge at a device at a first time;
  
  determining an authentication type based on one of (i) an identity of an application currently being accessed at the device, (ii) a time duration for which the application is used at the device since the first time, or (iii) input capabilities of the device; and
  
  presenting, at the device at a second time later than the first time, a second authentication challenge of the authentication type.

15. A computer-readable storage device storing instructions which, when executed by a processor, cause the processor to perform operations comprising:
- presenting a first authentication challenge at a device at a first time;
  
  determining an authentication type based on one of (i) an identity of an application currently being accessed at the device, (ii) a time duration for which the application is used at the device since the first time, or (iii) input capabilities of the device; and
  
  presenting, at the device at a second time later than the first time, a second authentication challenge having the authentication type.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-readable storage device of claim 15, wherein the authentication type is determined further based on how input is supplied to the application.
  - 17. The computer-readable storage device of claim 15, wherein the authentication type is determined further based on how often the application is used.
  - 18. The computer-readable storage device of claim 15, wherein the authentication type comprises a plurality of successive authentication challenges.
  - 19. The computer-readable storage device of claim 15, wherein the plurality of successive authentication challenges comprises authentication challenges of disparate authentication types.
  - 20. The computer-readable storage device of claim 15, wherein the authentication type is one of a fingerprint recognition, an iris scan, a retinal scan, a username and password, voice recognition.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arlington Technologies, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Avaya Incorporated
Inventors
BENTLEY, Jon Louis, ERHART, George William, O'GORMAN, Lawrence, SAMMON, Michael J., SKIBA, David Joseph

Granted Patent

US 9,590,985 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0861   using biometrical features,...

H04L 9/3271   using challenge-response

H04W 12/06   Authentication

AUTHENTICATION FREQUENCY AND CHALLENGE TYPE BASED ON APPLICATION USAGE

First Claim

17 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

AUTHENTICATION FREQUENCY AND CHALLENGE TYPE BASED ON APPLICATION USAGE

First Claim

17 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links