Context sensitive dynamic authentication in a cryptographic system
Abstract
A system for performing authentication of a first user to a second user includes the ability for the first user to submit multiple instances of authentication data which are evaluated and then used to generate an overall level of confidence in the claimed identity of the first user. The individual authentication instances are evaluated based upon: the degree of match between the data provided by the first user during the authentication and the data provided by the first user during his enrollment; the inherent reliability of the authentication technique being used; the circumstances surrounding the generation of the authentication data by the first user; and the circumstances surrounding the generation of the enrollment data by the first user. This confidence level is compared with a required trust level which is based at least in part upon the requirements of the second user, and the authentication result is based upon this comparison.
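The following sketch is an added illustration of the evaluation the abstract describes; it is not code from the patent or from any product. The field names, the 0.5 baseline, the product rule for one instance and the noisy-OR combination across instances are all assumptions, since the page states which factors are weighed but not how they are combined.

```python
from dataclasses import dataclass
from math import prod

FIELDS = ("ip_prefix", "device_id", "country")  # hypothetical circumstantial fields
BASELINE = 0.5  # assumed context factor when nothing matches or no history exists

@dataclass
class Instance:
    technique: str
    match: float           # degree of match with the enrollment data, 0..1
    inherent: float        # inherent reliability of the technique, 0..1
    enroll_context: float  # trust in the circumstances of enrollment, 0..1

def context_factor(stored: dict, current: dict) -> float:
    """Compare current circumstantial data with that stored from an earlier attempt."""
    hits = sum(1 for f in FIELDS if f in stored and stored[f] == current.get(f))
    return BASELINE + (1.0 - BASELINE) * hits / len(FIELDS)

def instance_reliability(inst: Instance, ctx: float) -> float:
    factors = (inst.match, inst.inherent, ctx, inst.enroll_context)
    if any(not 0.0 <= f <= 1.0 for f in factors):
        raise ValueError(f"factor out of range for {inst.technique}")
    return prod(factors)  # assumed rule: any weak factor drags the instance down

def overall_confidence(instances, ctx: float) -> float:
    # Assumed noisy-OR combination: instances are treated as independent evidence.
    return 1.0 - prod(1.0 - instance_reliability(i, ctx) for i in instances)

def authenticate(instances, stored, current, required):
    """Return (granted, confidence) for one attempt against a required trust level."""
    conf = overall_confidence(instances, context_factor(stored, current))
    return conf >= required, conf

# Constructed sample data, not taken from the page.
STORED = {"ip_prefix": "203.0.113", "device_id": "dev-a", "country": "DE"}
UNFAMILIAR = {"ip_prefix": "198.51.100", "device_id": "dev-z", "country": "BR"}
PASSWORD = Instance("password", match=1.0, inherent=0.6, enroll_context=0.9)
TOTP = Instance("totp", match=1.0, inherent=0.9, enroll_context=0.9)

if __name__ == "__main__":
    for label, insts, cur in [("familiar, password", [PASSWORD], STORED),
                              ("unfamiliar, password", [PASSWORD], UNFAMILIAR),
                              ("unfamiliar, password+totp", [PASSWORD, TOTP], UNFAMILIAR)]:
        print(label, authenticate(insts, STORED, cur, required=0.5))
```

With these constructed values a password alone meets a required trust level of 0.5 from the familiar context, falls short from the unfamiliar one, and clears it again once a second authentication instance is submitted.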
24 Claims
1. An article of manufacture comprising:
a non-transitory computer readable storage medium comprising instructions, said instructions comprising instructions for:
obtaining first circumstantial data during a first authentication attempt by a first user;
storing said first circumstantial data;
obtaining second circumstantial data during a second authentication attempt by a second user;
obtaining authorization data during said second authentication attempt by said second user;
comparing said second circumstantial data to said stored first circumstantial data; and
assigning a level of trust to said second user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. An apparatus for graded user authentication over a network comprising:
first circumstantial data;
second circumstantial data;
authorization data; and
a trust engine;
wherein said first circumstantial data is obtained during a first authentication attempt by a first user;
wherein said second circumstantial data is obtained during a second authentication attempt by a second user;
wherein said authorization data is obtained during said second authentication attempt by said second user; and
wherein a trust engine assigns a level of trust to said second user.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
Specification