Variable trust levels for authentication
First Claim
Patent Images
1. A method for determining a level of trust in an authenticated identification, comprising:
- performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful;
combining the scores for the successful authentications to determine a level of trust;
responsive to the determined level of trust exceeding a first predetermined threshold, allowing a first level of access to a resource;
responsive to the determined level of trust exceeding a second predetermined threshold, allowing a second level of access to a resource; and
wherein the first level of access comprises reading the resource and the second level of access comprises modifying the resource.
1 Assignment
0 Petitions
Accused Products
Abstract
A level of trust is determined based on a combination of scores for one or more successful authentications. Scores indicate relative degrees of reliability for authentications, so that differing authentication methods may correspond to different scores. The determined level of trust can then be used to allow or deny access to a resource, and can be used to specify the type of access that is allowed, if applicable.
-
Citations
11 Claims
-
1. A method for determining a level of trust in an authenticated identification, comprising:
-
performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; combining the scores for the successful authentications to determine a level of trust; responsive to the determined level of trust exceeding a first predetermined threshold, allowing a first level of access to a resource; responsive to the determined level of trust exceeding a second predetermined threshold, allowing a second level of access to a resource; and wherein the first level of access comprises reading the resource and the second level of access comprises modifying the resource.
-
-
2. A method for determining a level of trust in an authenticated identification, comprising:
-
performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; combining the scores for the successful authentications to determine a level of trust; receiving a request for an action, the action being associated with a predetermined minimum level of trust; responsive to the determined level of trust exceeding the predetermined minimum level of trust, allowing the requested action to proceed; and responsive to the determined level of trust not exceeding the predetermined minimum level of trust, denying the requested action.
-
-
3. A method for determining a level of trust in an authenticated identification, comprising:
-
performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; combining the scores for the successful authentications to determine a level of trust; and presenting a list of allowable actions having minimum trust levels not exceeding the determined level of trust. - View Dependent Claims (4)
-
-
5. A system for determining a level of trust in an authenticated identification, comprising:
-
an authenticator, for performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; a score combiner, coupled to the authenticator, for combining the scores for the successful authentications to determine a level of trust; wherein the authenticator, responsive to the determined level of trust exceeding a first predetermined threshold, allows a first level of access to a resource, and, responsive to the determined level of trust exceeding a second predetermined threshold, allows a second level of access to a resource; and wherein the first level of access comprises reading the resource and the second level of access comprises modifying the resource.
-
-
6. A system for determining a level of trust in an authenticated identification, comprising:
-
an authenticator, for performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; a score combiner, coupled to the authenticator, for combining the scores for the successful authentications to determine a level of trust; and an action input device, coupled to the authenticator, for receiving a request for an action, the action being associated with a predetermined minimum level of trust; wherein the authenticator, responsive to the determined level of trust exceeding the predetermined minimum level of trust, allows the requested action to proceed, and, responsive to the determined level of trust not exceeding the predetermined minimum level of trust, denies the requested action.
-
-
7. A system for determining a level of trust in an authenticated identification, comprising:
-
an authenticator, for performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; a score combiner, coupled to the authenticator, for combining the scores for the successful authentications to determine a level of trust; and an output device, coupled to the authenticator, for presenting a list of allowable actions having minimum trust levels not exceeding the determined level of trust. - View Dependent Claims (8)
-
-
9. A computer-readable medium for determining a level of trust in an authenticated identification, comprising:
-
computer-readable code adapted to perform authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; computer-readable code adapted to combine the scores for the successful authentications to determine a level of trust; and computer-readable code adapted to, responsive to the determined level of trust exceeding a predetermined threshold, offer a user a role for selection.
-
-
10. A computer-readable medium for determining a level of trust in an authenticated identification, comprising:
-
computer-readable code adapted to perform authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; computer-readable code adapted to combine the scores for the successful authentications to determine a level of trust; and computer-readable code adapted to, responsive to the determined level of trust exceeding a first predetermined threshold, allow a first level of access to a resource, and, responsive to the determined level of trust exceeding a second predetermined threshold, allowing a second level of access to a resource; wherein the first level of access comprises reading the resource and the second level of access comprises modifying the resource.
-
-
11. A system for determining a level of trust in an authenticated identification, comprising:
-
authenticating means, for performing authentications to obtain authentication results, each authentication having a score, each result indicating whether the corresponding authentication is successful; and score combining means, coupled to the authentication means, for combining the scores for the successful authentications to determine a level of trust; wherein the authenticating means, responsive to the determined level of trust exceeding a predetermined threshold, offers a user a role for selection.
-
Specification