TECHNOLOGIES FOR ENHANCED USER AUTHENTICATION USING ADVANCED SENSOR MONITORING

US 20160180078A1
Filed: 12/23/2014
Published: 06/23/2016
Est. Priority Date: 12/23/2014
Status: Abandoned Application

First Claim

Patent Images

1. A computing device for coerced authentication response, the computing device comprising:

an authentication module to verify a user authentication factor provided by a user;

a coercion detection module to (i) analyze sensor data to generate a coercion detection score in response to verifying the user authentication factor, wherein the sensor data is indicative of a physical condition of the user of the computing device while the user provided the user authentication factor, and (ii) determine whether the coercion detection score has a predetermined relationship to a threshold coercion detection score; and

a security response module to perform a security operation in response to a determination that the coercion detection score has the predetermined relationship to the threshold coercion detection score.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for information security include a computing device with one or more sensors. The computing device may authenticate a user and, after successful authentication, analyze sensor data to determine whether it is likely that the user authenticated under duress. If so, the computing device performs a security operation such as generating an alert or presenting false but plausible data to the user. Additionally or alternatively, the computing device, within a trusted execution environment, may monitor sensor data and apply a machine-learning classifier to the sensor data to identify an elevated risk of malicious attack. For example, the classifier may identify potential user identification fraud. The computing device may trigger a security response if elevated risk of attack is detected. For example, the trusted execution environment may trigger increased authentication requirements or increased anti-theft monitoring for the computing device. Other embodiments are described and claimed.

99 Citations

View as Search Results

25 Claims

1. A computing device for coerced authentication response, the computing device comprising:
- an authentication module to verify a user authentication factor provided by a user;
  
  a coercion detection module to (i) analyze sensor data to generate a coercion detection score in response to verifying the user authentication factor, wherein the sensor data is indicative of a physical condition of the user of the computing device while the user provided the user authentication factor, and (ii) determine whether the coercion detection score has a predetermined relationship to a threshold coercion detection score; and
  
  a security response module to perform a security operation in response to a determination that the coercion detection score has the predetermined relationship to the threshold coercion detection score.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computing device of claim 1, wherein to analyze the sensor data to generate the coercion detection score comprises to:
    - analyze sensor data from a plurality of sensors of the computing device; and
      
      determine a confidence measure for each sensor of the plurality of sensors, wherein each confidence measure is indicative of a probability that the sensor data from the corresponding sensor is indicative of coercion of the user.
  - 3. The computing device of claim 2, wherein to analyze the sensor data to generate the coercion detection score further comprises to determine a weighted average of the plurality of confidence measures.
  - 4. The computing device of claim 1, further comprising:
    - a camera, wherein the sensor data comprises camera data indicative of a facial expression of the user;
      
      an audio sensor, wherein the sensor data comprises audio sensor data indicative of a voice pattern of the user;
      
      a thermal imaging sensor, wherein the sensor data comprises thermal imaging sensor data indicative of a heart rate or a respiration rate of the user;
      
      a skin conductance sensor, wherein the sensor data comprises skin conductance sensor data indicative of a skin conductance of the user;
      
      ora heart rate sensor, wherein the sensor data comprises heart rate sensor data indicative of a heart rate of the user.
  - 5. The computing device of claim 1, wherein to perform the security operation comprises to:
    - deny access to user data; and
      
      allow access to false data configured to appear to be accurate data.

6. One or more computer-readable storage media comprising a plurality of instructions that in response to being executed cause a computing device to:
- verify a user authentication factor provided by a user;
  
  analyze sensor data to generate a coercion detection score in response to verifying the user authentication factor, wherein the sensor data is indicative of a physical condition of the user of the computing device while the user is providing the authentication factor;
  
  determine whether the coercion detection score has a predetermined relationship to a threshold coercion detection score; and
  
  perform a security operation in response to determining the coercion detection score has the predetermined relationship to the threshold coercion detection score.
- View Dependent Claims (7, 8)
- - 7. The one or more computer-readable storage media of claim 6, wherein to analyze the sensor data to generate the coercion detection score comprises to:
    - analyze sensor data from a plurality of sensors of the computing device; and
      
      determine a confidence measure for each sensor of the plurality of sensors, wherein each confidence measure is indicative of a probability that the sensor data from the corresponding sensor is indicative of coercion of the user.
  - 8. The one or more computer-readable storage media of claim 6, wherein to perform the security operation comprises to:
    - deny access to user data; and
      
      allow access to false data configured to appear to be accurate data.

9. A computing device for elevated risk response, the computing device comprising:
- a sensor module to monitor, by a trusted execution environment, sensor data from a plurality of sensors of the computing device;
  
  a risk classifier module to apply, by the trusted execution environment, a machine-learning classifier to the sensor data to identify an elevated risk of malicious attack to the computing device; and
  
  a risk actuator module to trigger, by the trusted execution environment, a security response in response to identification of the elevated risk.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The computing device of claim 9, wherein the sensor data comprises location data indicative of a location of the computing device.
  - 11. The computing device of claim 9, wherein the sensor data comprises soft behavioral biometric data indicative of usage of the computing device by a user.
  - 12. The computing device of claim 9, wherein to trigger the security response comprises to power on, by the computing device, one or more additional sensor of the computing device in response to the identification of the elevated risk.
  - 13. The computing device of claim 12, wherein the one or more additional sensor comprises a motion sensor, a radio communication subsystem, a location sensor, a camera, or a microphone.
  - 14. The computing device of claim 9, wherein to trigger the security response comprises to select a security response based on the elevated risk.
  - 15. The computing device of claim 9, wherein to trigger the security response comprises to increase, by the computing device, an authentication requirement of the computing device in response to the identification of the elevated risk.
  - 16. The computing device of claim 9, wherein to trigger the security response comprises to:
    - increase anti-theft monitoring by the computing device in response to the identification of the elevated risk;
      
      increase intrusion monitoring by the computing device in response to the identification of the elevated risk;
      
      orrestrict user access to the computing device in response to the identification of the elevated risk.
  - 17. The computing device of claim 9, further comprising a reference server module to:
    - establish, by the trusted execution environment, a secure connection with a reference server; and
      
      receive, by the trusted execution environment, training data for the machine-learning classifier via the secure connection;
      
      wherein to apply the machine-learning classifier to the sensor data comprises to supply the training data to the machine-learning classifier.
  - 18. The computing device of claim 17, wherein:
    - the risk classifier module is further to generate, by the trusted execution environment, threat reference data in response to application of the machine-learning classifier, wherein the reference data is indicative of normal usage of the computing device or malicious attack of the computing device; and
      
      the reference server module is further to (i) anonymize, by the trusted execution environment, the threat reference data to generate anonymized reference data and (ii) transmit, by the trusted execution environment, the anonymized reference data to the reference server via the secure connection.

19. One or more computer-readable storage media comprising a plurality of instructions that in response to being executed cause a computing device to:
- monitor, by a trusted execution environment of the computing device, sensor data from a plurality of sensors of the computing device;
  
  apply, by the trusted execution environment, a machine-learning classifier to the sensor data to identify an elevated risk of malicious attack to the computing device; and
  
  identify, by the trusted execution environment, the elevated risk of malicious attack in response to applying the machine-learning classifier; and
  
  trigger, by the trusted execution environment, a security response in response to identifying the elevated risk.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The one or more computer-readable storage media of claim 19, wherein to monitor the sensor data comprises to:
    - monitor soft behavioral biometric data indicative of usage of the computing device by a user.
  - 21. The one or more computer-readable storage media of claim 19, wherein to trigger the security response comprises to power on one or more additional sensor of the computing device in response to identifying the elevated risk.
  - 22. The one or more computer-readable storage media of claim 19, wherein to trigger the security response comprises to select a security response based on the elevated risk.
  - 23. The one or more computer-readable storage media of claim 19, wherein to trigger the security response comprises to increase an authentication requirement of the computing device in response to identifying the elevated risk.
  - 24. The one or more computer-readable storage media of claim 19, further comprising a plurality of instructions that in response to being executed cause the computing device to:
    - establish, by the trusted execution environment, a secure connection with a reference server; and
      
      receive, by the trusted execution environment, training data for the machine-learning classifier via the secure connection;
      
      wherein to apply the machine-learning classifier to the sensor data comprises to supply the training data to the machine-learning classifier.
  - 25. The one or more computer-readable storage media of claim 24, further comprising a plurality of instructions that in response to being executed cause the computing device to:
    - generate, by the trusted execution environment, threat reference data in response to applying the machine-learning classifier, wherein the reference data is indicative of normal usage of the computing device or malicious attack of the computing device;
      
      anonymize, by the trusted execution environment, the threat reference data to generate anonymized reference data; and
      
      transmit, by the trusted execution environment, the anonymized reference data to the reference server via the secure connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Chhabra, Jasmeet, Smith, Ned M., Sheller, Micah J., Heldt-Sheller, Nathan

Application Number

US14/580,785
Publication Number

US 20160180078A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2115   Third party

G06N 20/00   Machine learning

H04L 2463/082   applying multi-factor authe...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04W 12/06   Authentication

H04W 12/122   Counter-measures against at...

TECHNOLOGIES FOR ENHANCED USER AUTHENTICATION USING ADVANCED SENSOR MONITORING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

99 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNOLOGIES FOR ENHANCED USER AUTHENTICATION USING ADVANCED SENSOR MONITORING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

99 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links