GRADUATED AUTHENTICATION IN AN IDENTITY MANAGEMENT SYSTEM
Abstract
A method and system for graduated security in an identity management system utilize differing levels of time sensitivity, channel security and authentication security to provide a multi-dimensional approach to providing the right fit for differing identity requests. The differing levels of security can be selected by user preference, membersite request or homesite policy.
42 Claims
1-22. (canceled)

23. A computer-readable storage device storing instructions that, when executed by a computing system, cause the computing system to perform acts for verifying response security, the acts comprising:
sending, to a first computing system, a first request for information, the first request including a first transaction security level;
receiving a first response to the first request, wherein the first response is transmitted in accordance with a response security level determined by the first computing system based on the first transaction security level included in the first request;
verifying that the first response was sent using a first response security level based on the first transaction security level;
sending, to a second computing system, a second request for information, the second request including a second transaction security level;
receiving a second response corresponding to the second request;
determining that the second response does not meet minimum requirements associated with the second transaction security level; and
responsive to the determining that the second response does not meet the minimum requirements, providing an indication that an attack may be in progress.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 35, 36

34. A system for analyzing security characteristics of responses, the system comprising:
a memory;
one or more processors;
an interface configured to:
receive, from a first computing system, a first response to a first request for user information, wherein the first request indicates a first transaction security level, and wherein the first response is transmitted in accordance with a response security level determined by the first computing system based on the first transaction security level indicated by the first request; and
receive, from a second computing system, a second response to a second request for information, wherein the second request indicates a second transaction security level; and
a security analysis module configured to:
verify that the first response was sent using a first response security level based on the first transaction security level;
determine that the second response does not meet minimum requirements associated with the second transaction security level; and
provide an indication that an attack may be in progress, responsive to the determination that the second response does not meet the minimum requirements.

37. A method for verifying response security, comprising:
sending, to a computing system, a request for information, the request including a transaction security level;
receiving a response corresponding to the request;
determining that the response does not meet minimum requirements associated with the transaction security level; and
responsive to the determining that the response does not meet the minimum requirements, providing an indication that an attack may be in progress.
Dependent claims: 38, 39, 40, 41, 42

Specification