Context sensitive dynamic authentication in a cryptographic system
First Claim
1. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
- obtaining user data from a user during an authentication attempt;
obtaining circumstantial data associated with the authentication attempt; and
determining a level of trust associated with the authentication attempt based on the comparison of the circumstantial data with previously stored data,wherein the circumstantial data comprises a time stamp associated with the time at which the user data was obtained.
3 Assignments
0 Petitions
Accused Products
Abstract
A system for performing authentication of a first user to a second user includes the ability for the first user to submit multiple instances of authentication data which are evaluated and then used to generate an overall level of confidence in the claimed identity of the first user. The individual authentication instances are evaluated based upon: the degree of match between the user provided by the first user during the authentication and the data provided by the first user during his enrollment; the inherent reliability of the authentication technique being used; the circumstances surrounding the generation of the authentication data by the first user; and the circumstances surrounding the generation of the enrollment data by the first user. This confidence level is compared with a required trust level which is based at least in part upon the requirements of the second user, and the authentication result is based upon this comparison.
107 Citations
50 Claims
-
1. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
-
obtaining user data from a user during an authentication attempt; obtaining circumstantial data associated with the authentication attempt; and determining a level of trust associated with the authentication attempt based on the comparison of the circumstantial data with previously stored data, wherein the circumstantial data comprises a time stamp associated with the time at which the user data was obtained. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for authenticating a user comprising:
-
obtaining user data associated with an authentication operation; obtaining metadata related to the authentication operation; comparing the metadata with previously stored data; and determining a level of trust associated with the authentication operation, wherein the act of determining a level of trust associated with the authentication operation comprises assigning a percentage to the authentication operation which represents a degree of confidence in the authentication of the user. - View Dependent Claims (12, 13)
-
-
14. A method for authenticating a user comprising:
-
obtaining user data associated with an authentication operation; obtaining metadata related to the authentication operation; comparing the metadata with previously stored data; and determining a level of trust associated with the authentication operation; determining an intermediate level of trust associated with the metadata based upon the comparison of the metadata with previously stored data, wherein the act of determining an intermediate level of trust comprises assigning a percentage to the metadata which represents the degree of correspondence between the metadata and the previously stored data. - View Dependent Claims (15, 16)
-
-
17. A method for authenticating a user comprising:
-
obtaining user data associated with an authentication operation; obtaining metadata related to the authentication operation; and determining a level of trust associated with the authentication operation based on the metadata, wherein the act of determining a level of trust compares the metadata with previously stored data and the metadata comprises a time stamp associated with the time at which the user data was obtained. - View Dependent Claims (18, 19, 20)
-
-
21. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
-
obtaining user data from a user during an authentication attempt; obtaining circumstantial data associated with the authentication attempt; and determining a level of trust associated with the authentication attempt based on the comparison of the circumstantial data with previously stored data, wherein the act of determining a level of trust associated with the authentication attempt comprises assigning a percentage to the authentication attempt which represents a degree of confidence in the authentication of the user. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
-
obtaining user data from a user during an authentication attempt; obtaining circumstantial data associated with the authentication attempt; and determining an intermediate level of trust associated with the authentication attempt based on the comparison of the metadata with previously stored data, wherein the act of determining the intermediate level of trust comprises assigning a percentage to the metadata which represents the degree of correspondence between the metadata and the previously stored data. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A method for authenticating a user comprising:
-
obtaining user data associated with an authentication operation; obtaining metadata related to the authentication operation; and determining a level of trust associated with the authentication operation based on the metadata, wherein the act of determining a level of trust associated with the authentication operation comprises assigning a percentage to the authentication operation which represents the degree of confidence in the authentication of the user. - View Dependent Claims (42, 43, 44, 45)
-
-
46. A method for authenticating a user comprising:
-
obtaining user data associated with an authentication operation; obtaining metadata related to the authentication operation; and determining a level of trust associated with the authentication operation based on the metadata, determining an intermediate level of trust associated with the metadata based upon the comparison of the metadata with previously stored data, wherein the act of determining an intermediate level of trust comprises assigning a percentage to the metadata which represents the degree of correspondence between the metadata and the previously stored data. - View Dependent Claims (47, 48, 49, 50)
-
Specification