Implicit authentication

US 8,312,157 B2
Filed: 07/16/2009
Issued: 11/13/2012
Est. Priority Date: 07/16/2009
Status: Active Grant

First Claim

Patent Images

1. A method for implicitly authenticating a user to access a controlled resource, the method comprising:

receiving, from a computing device, a request to access the controlled resource;

selecting a user behavior model for the user, wherein the user behavior model is derived from historical contextual data of the user;

determining recent contextual data of the user, wherein the recent contextual data are collected from one or more user devices without prompting the user to perform an action associated with authentication, and wherein the recent contextual data comprise a plurality of data streams which provide a basis for determining whether the user owns the computing device;

determining a user behavior score which indicates a likelihood that the user owns the computing device, wherein determining the user behavior score involves;

observing a recent event that is associated with the user'"'"'s computing device;

calculating a quality measure for the recent event, and a weight associated with a type of the observation;

determining that the observed recent event is consistent with the user behavior model; and

adjusting the user behavior score based on the quality measure and the weight; and

providing the user behavior score to an access controller of the controlled resource, wherein the access controller facilitates access to the controlled resource for the user in response to the user behavior score exceeding a predetermined threshold value.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.

64 Citations

View as Search Results

23 Claims

1. A method for implicitly authenticating a user to access a controlled resource, the method comprising:
- receiving, from a computing device, a request to access the controlled resource;
  
  selecting a user behavior model for the user, wherein the user behavior model is derived from historical contextual data of the user;
  
  determining recent contextual data of the user, wherein the recent contextual data are collected from one or more user devices without prompting the user to perform an action associated with authentication, and wherein the recent contextual data comprise a plurality of data streams which provide a basis for determining whether the user owns the computing device;
  
  determining a user behavior score which indicates a likelihood that the user owns the computing device, wherein determining the user behavior score involves;
  
  observing a recent event that is associated with the user'"'"'s computing device;
  
  calculating a quality measure for the recent event, and a weight associated with a type of the observation;
  
  determining that the observed recent event is consistent with the user behavior model; and
  
  adjusting the user behavior score based on the quality measure and the weight; and
  
  providing the user behavior score to an access controller of the controlled resource, wherein the access controller facilitates access to the controlled resource for the user in response to the user behavior score exceeding a predetermined threshold value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - collecting contextual data of the user periodically from the one or more user devices; and
      
      updating the user behavior model based on the collected contextual data of the user.
  - 3. The method of claim 2, further comprising:
    - determining that the user behavior score is higher than a predetermined threshold value; and
      
      authenticating the user to access the controlled resource using an authentication decision derived from the user behavior score.
  - 4. The method of claim 3, wherein the authentication decision derived from the user behavior score is used to adjust an assurance associated with another form of authentication.
  - 5. The method of claim 1, wherein the historical contextual data are collected with a number of measurements, and wherein the user behavior model describes a past user behavior pattern by a combination of one or more measurements.
  - 6. The method of claim 1, wherein the recent contextual data of the user comprise data from at least one of the following sources:
    - device data that are available on a user device;
      
      carrier data that are available to a network carrier; and
      
      third-party provider data that are available to a third-party provider providing an application to the user.
  - 7. The method of claim 1, wherein the recent contextual data of the user comprise one or more of:
    - GPS data, accelerometer data, voice data, sensor data, application usage data, web browser data, authentication attempts, connection attempts, network traffic patterns, DNS requests, typing patterns, biometric data, social group membership information, and user demographics data.
  - 8. The method of claim 1, wherein the user behavior model is stored in a user model look-up table, the look-up table comprising:
    - historical information on whether a condition is satisfied; and
      
      information on a plurality of events, each event being associated with a probability distribution and a scoring distribution.
  - 9. The method of claim 1, further comprising collecting the historical contextual data via one or more of a survey of contextual information about the user entered by a representative of the user, an accumulation of periodically transmitted contextual data of the user from one or more devices, or an inheritance of the contextual information about the user from another device associated with the user.
  - 10. The method of claim 1, further comprising deriving the user behavior model from a second user behavior model of a group of users sharing similar characteristics.
  - 11. The method of claim 1, further comprising determining whether a recent user event is consistent with a past user behavior pattern,wherein the recent event belongs to one of a plurality of categories, the plurality of categories comprising one or more of:
    - a very positive event, a positive event, a neutral event, a negative event, and a very negative event; and
      
      wherein the determination of adjusting the user behavior score and the amount of adjustment are associated with the category to which the recent event belongs.

12. A system for implicitly authenticating a user to access a controlled resource, the system comprising:
- a user access request receiver configured to receive a request, from a computer device, to access the controlled resource;
  
  a selection mechanism configured to select a user behavior model for the user, wherein the user behavior model is derived from historical context data of the user;
  
  a determination mechanism configured to determine recent contextual data of the user, wherein the recent contextual data are collected from one or more user devices without prompting the user to perform an action associated with authentication, and wherein the recent contextual data comprise a plurality of data streams which provide a basis for determining whether the user owns the computing device;
  
  a behavioral score grader configured to determine a user behavior score which indicates a likelihood that the user owns the computing device, wherein while determining the user behavior score the behavioral score grader is further configured to;
  
  observe a recent event that is associated with the user'"'"'s computing device;
  
  calculate a quality measure for the recent event, and a weight associated with a type of the observation;
  
  determine that the observed recent event is consistent with the user behavior model; and
  
  adjust the user behavior score based on the quality measure and the weight; and
  
  an authentication information provision mechanism configured to provide the user behavior score to an access controller of the controlled resource, wherein the access controller is configured to facilitate access to the controlled resource for the user in response to the user behavior score exceeding a predetermined threshold value.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, further comprising:
    - a contextual data collector configured to collect contextual data of the user periodically from the one or more user devices; and
      
      a user behavior modeler configured to update the user behavior model based on the collected contextual data of the user.
  - 14. The system of claim 13, further comprising:
    - a determining mechanism configured to determine that the user behavior score is higher than a predetermined threshold value; and
      
      an implicit authenticator configured to authenticate the user to access the controlled resource using an authentication decision derived from the user behavior score.
  - 15. The system of claim 14, wherein the authentication decision derived from the user behavior score is used to adjust an assurance associated with another form of authentication.
  - 16. The system of claim 12, further comprising a contextual data collector configured to collect the historical contextual data with a number of measurements, wherein the user behavior model describes a past user behavior pattern by a combination of one or more measurements.
  - 17. The system of claim 12, wherein the recent contextual data of the user comprise data from at least one of the following sources:
    - device data that are available on a user device;
      
      carrier data that are available to a network carrier; and
      
      third-party provider data that are available to a third-party provider providing an application to the user.
  - 18. The system of claim 12, wherein the recent contextual data of the user comprise one or more of:
    - GPS data, accelerometer data, voice data, sensor data, application usage data, web browser data, authentication attempts, connection attempts, network traffic patterns, DNS requests, typing patterns, biometric data, social group membership information, and user demographics data.
  - 19. The system of claim 12, wherein the user behavior model is stored in a user model look-up table, the look-up table comprising:
    - historical information on whether a condition is satisfied; and
      
      information on a plurality of events, each event being associated with a probability distribution and a scoring distribution.
  - 20. The system of claim 12, further comprising a contextual data collector configured to collect the historical contextual data via one or more of a survey of contextual information about the user entered by a representative of the user, an accumulation of periodically transmitted contextual data of the user from one or more devices, or an inheritance of the contextual information about the user from another device associated with the user.
  - 21. The system of claim 12, further comprising a model-deriving mechanism configured to derive the user behavior model from a second user behavior model of a group of users sharing similar characteristics.
  - 22. The system of claim 12, wherein the behavior score grader is further configured to determine whether a recent user event is consistent with a past user behavior pattern;
    - wherein the recent event belongs to one of a plurality of categories, the plurality of categories comprising one or more of;
      
      a very positive event, a positive event, a neutral event, a negative event, and a very negative event; and
      
      wherein the determination of adjusting the user behavior score and the amount of adjustment are associated with the category to which the recent event belongs.

23. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for implicitly authenticating a user to access a controlled resource, the method comprising:
- receiving a request, from a computer device, to access the controlled resource;
  
  selecting a user behavior model for the user, wherein the user behavior model is derived from historical contextual data of the user;
  
  determining recent contextual data of the user, wherein the recent contextual data are collected from one or more user devices without prompting the user to perform an action associated with authentication, and wherein the recent contextual data comprise a plurality of data streams which provide a basis for determining whether the user owns the computing device;
  
  determining a user behavior score which indicates a likelihood that the user owns the computing device, wherein determining the user behavior score involves;
  
  observing a recent event that is associated with the user'"'"'s computing device;
  
  calculating a quality measure for the recent event, and a weight associated with a type of the observation;
  
  determining that the observed recent event is consistent with the user behavior model; and
  
  adjusting the user behavior score based on the quality measure and the weight; and
  
  providing the user behavior score to an access controller of the controlled resource, wherein the access controller facilitates access to the controlled resource for the user in response to the user behavior score exceeding a predetermined threshold value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Palo Alto Research Center, Inc. (Xerox Holdings Corp.)
Inventors
Jakobsson, Bjorn Markus, Grandcolas, Mark J., Golle, Philippe J. P., Chow, Richard, Shi, Runting
Primary Examiner(s)
OBEID, MAMON A

Application Number

US12/504,159
Publication Number

US 20110016534A1
Time in Patent Office

1,216 Days
Field of Search

705 64- 67, 726/7, 726/26, 726/27
US Class Current

709/229
CPC Class Codes

G06F 21/316   by observing the pattern of...

H04L 63/0892   by using authentication-aut...

H04L 63/102   Entity profiles

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

Implicit authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Implicit authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links