DEVICES AND METHODS FOR THREAT-BASED AUTHENTICATION FOR ACCESS TO COMPUTING RESOURCES
Abstract
In some embodiments, a method includes receiving, at a host device, a signal indicative of an authentication request for a client device to access a resource from a set of resources. A resource confidence value associated with the authentication request is calculated based at least in part on (1) a threat confidence vector associated with at least one risk mitigation score for each threat from a set of threats and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats. The resource confidence value is compared to a resource confidence criterion associated with the resource from the set of resources. A signal indicative of a positive authentication is sent from the host device to the client device when the resource confidence value satisfies the resource confidence criterion such that the client device is granted access to the resource.
20 Claims
1. An apparatus, comprising:
- a communication module implemented in at least one of a memory or a processor, the communication module configured to electronically communicate with a client device and a set of resources;
- a policy definition module configured to define a resource confidence criterion for each resource from the set of resources based on (1) a threat confidence vector associated with a set of risk mitigation scores for each threat from a set of threats and (2) a set of resource vulnerability scores for each threat from the set of threats; and
- a policy application module configured to (1) receive a signal via the communication module indicative of an authentication request associated with a resource from the set of resources and (2) define a resource confidence value for the resource from the set of resources based on a threat confidence vector associated with the authentication request and the set of resource vulnerability scores, the policy application module configured to (1) compare the resource confidence value for the resource from the set of resources and the resource confidence criterion for the resource from the set of resources and (2) send a signal via the communication module indicative of a positive authentication, when the resource confidence criterion for the resource from the set of resources is satisfied, such that the client device is granted access to the resource.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method, comprising:
- receiving, at a host device, a signal indicative of an authentication request for a client device to access a resource from a set of resources;
- calculating a resource confidence value associated with the authentication request based at least in part on (1) a threat confidence vector associated with at least one risk mitigation score for each threat from a set of threats and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats;
- comparing the resource confidence value to a resource confidence criterion associated with the resource from the set of resources; and
- sending, from the host device, a signal indicative of a positive authentication when the resource confidence value satisfies the resource confidence criterion, such that the client device is granted access to the resource.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A method, comprising:
- receiving, at a host device, a signal indicative of an authentication request for a client device to access a resource, the signal including data associated with a first authentication mode and data associated with a second authentication mode different from the first authentication mode;
- calculating a threat confidence vector based on (1) a risk mitigation score associated with the first authentication mode and a set of threats, and (2) a risk mitigation score associated with the second authentication mode and the set of threats;
- calculating a resource confidence value associated with the resource, the resource confidence value based on (1) the threat confidence vector and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats;
- comparing the resource confidence value to a resource confidence criterion associated with the resource; and
- sending, from the host device to the client device, a signal indicative of a positive authentication when the resource confidence value satisfies the resource confidence criterion, such that the client device is granted access to the resource.

Dependent claims: 16, 17, 18, 19, 20
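
The flow recited in claims 1, 8 and 15, as an added sketch that is not part of the patent or of this page. The claims give no formulas, so the rule for combining modes, the scoring rule, the baseline-mode policy, every function name and all scores below are assumptions chosen for illustration.

```python
from math import prod

# Constructed sample data: threat names, modes and every score are illustrative.
THREATS = ("phishing", "credential_replay", "device_theft")
MITIGATION = {  # risk mitigation score per authentication mode, per threat (0..1)
    "password":     {"phishing": 0.2, "credential_replay": 0.1, "device_theft": 0.6},
    "totp":         {"phishing": 0.5, "credential_replay": 0.7, "device_theft": 0.3},
    "hardware_key": {"phishing": 0.9, "credential_replay": 0.9, "device_theft": 0.4},
}
VULNERABILITY = {  # resource vulnerability score per threat (0..1)
    "wiki":    {"phishing": 0.3, "credential_replay": 0.3, "device_theft": 0.2},
    "payroll": {"phishing": 0.9, "credential_replay": 0.8, "device_theft": 0.5},
}
# Assumed policy input: the modes whose combined strength sets each criterion.
BASELINE_MODES = {"wiki": ["password"], "payroll": ["password", "totp"]}

def threat_confidence_vector(modes):
    """Assumed combination rule: each mode mitigates a threat independently."""
    return {t: 1 - prod(1 - MITIGATION[m][t] for m in modes) for t in THREATS}

def resource_confidence_value(resource, tcv):
    """Assumed scoring rule: 1 minus the worst residual risk across threats."""
    vuln = VULNERABILITY[resource]
    return 1 - max(vuln[t] * (1 - tcv[t]) for t in THREATS)

def resource_confidence_criterion(resource):
    """Policy definition: threshold derived from the resource's baseline modes."""
    baseline = threat_confidence_vector(BASELINE_MODES[resource])
    return resource_confidence_value(resource, baseline)

def authenticate(resource, presented_modes):
    """Policy application: positive authentication only if the criterion is met."""
    if not presented_modes or resource not in VULNERABILITY:
        return False  # fail closed on an empty request or unknown resource
    if any(m not in MITIGATION for m in presented_modes):
        return False  # fail closed on a mode with no risk mitigation scores
    tcv = threat_confidence_vector(presented_modes)
    return resource_confidence_value(resource, tcv) >= resource_confidence_criterion(resource)
```

With these constructed scores, a single hardware key satisfies the payroll criterion while a password or TOTP alone does not: the decision follows per-threat coverage, not the number of factors presented.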