Context sensitive dynamic authentication in a cryptographic system
Abstract
A system for performing authentication of a first user to a second user includes the ability for the first user to submit multiple instances of authentication data which are evaluated and then used to generate an overall level of confidence in the claimed identity of the first user. The individual authentication instances are evaluated based upon: the degree of match between the data provided by the first user during the authentication and the data provided by the first user during his enrollment; the inherent reliability of the authentication technique being used; the circumstances surrounding the generation of the authentication data by the first user; and the circumstances surrounding the generation of the enrollment data by the first user.
42 Claims
1. A method of performing graded authentication of a user wherein the method obtains and evaluates circumstantial data associated with an authentication attempt, the method comprising:
- obtaining user data from a user during an authentication attempt;
- obtaining circumstantial data associated with the authentication attempt and associated with enrollment data for the user; and
- determining a level of trust associated with the authentication attempt based on the comparison of the circumstantial data with previously stored data, the previously stored data comprising past circumstantial data associated with one or more past successful authentications for the user.
12. A system for graded authentication comprising user data obtained from a user during at least one previously successful authentication attempt, past circumstantial data associated with the at least one previously successful authentication attempt and associated with enrollment data for the user, and a trust engine which generates a level of trust associated with a current authentication attempt based on the comparison of current circumstantial data associated with the current authentication attempt with the past circumstantial data associated with the at least one previously successful authentication attempt.
17. A method for authenticating a user comprising:
- obtaining user data associated with an authentication operation;
- obtaining metadata related to the authentication operation and related to enrollment data for a user being authenticated by the authentication operation;
- comparing the metadata with previously stored data, the previously stored data comprising past circumstantial data associated with one or more past successful authentications for the user; and
- determining a level of trust associated with the authentication operation.
25. A method for authenticating a user comprising:
- obtaining user data associated with an authentication operation;
- obtaining metadata related to the authentication operation and related to enrollment data for a user being authenticated by the authentication operation; and
- determining a level of trust associated with the authentication operation based on comparing the metadata to past circumstantial data associated with one or more past successful authentications for the user.
30. A method for grading an authentication operation that relies on a variable set of authentication techniques to obtain authentication data, the method comprising:
- defining the reliability of a set of authentication techniques that may be used in an authentication operation;
- receiving authentication data during an authentication operation, said authentication data generated using a subset of the authentication techniques, and said authentication data comprising circumstantial data associated with the authentication operation and associated with enrollment data for a user being authenticated by said authentication operation;
- determining the acceptability of the authentication data generated by each of the subset of authentication techniques, the determining the acceptability of the authentication data based at least in part on evaluating past circumstantial data associated with one or more past successful authentications for the user; and
- defining the level of trust of the authentication operation based upon the acceptability of the authentication data and based upon the reliability of the authentication techniques used in generating the authentication data.
34. An apparatus for evaluating an authentication attempt comprising:
- reliability data associated with a set of authentication techniques that may be used in an authentication attempt, the reliability data comprising current circumstantial data associated with the authentication attempt and associated with enrollment data for a user associated with the authentication attempt, the reliability data based on a comparison of the current circumstantial data to past circumstantial data associated with one or more past authentication attempts for the user;
- a plurality of authentication instances generated using a subset of the authentication techniques; and
- a trust engine which determines a level of match associated with each authentication instance and assigns a level of trust for the authentication attempt based upon the level of match associated with each authentication instance and the reliability of the technique used in each authentication instance.
38. A method for grading an authentication attempt comprising:
- defining the reliability of a set of authentication techniques that may be used in an authentication attempt, the reliability based on current circumstantial data associated with the authentication attempt and associated with enrollment data for a user associated with the authentication attempt, the reliability based on a comparison of the current circumstantial data to past circumstantial data associated with one or more past authentication attempts for the user;
- receiving a plurality of authentication instances generated using a subset of the authentication techniques;
- determining a level of match associated with each authentication instance; and
- defining a level of trust of the authentication attempt based upon the level of match associated with each authentication instance and based upon the reliability of the technique used in each authentication instance.
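An added illustration of the grading described in the abstract and in claims 30 and 38, not code from the patent or its assignee: each authentication instance contributes its level of match weighted by the reliability of its technique, and that reliability is reduced when the current circumstantial data does not resemble any past successful authentication. The page gives no formula, so the reliability values, the `FLOOR` weighting, the attribute names and the noisy-OR combination are all assumptions.

```python
from dataclasses import dataclass
from math import prod

# Assumed base reliabilities per technique (constructed values, not from the patent).
RELIABILITY = {"password": 0.60, "otp": 0.80, "fingerprint": 0.90}
FLOOR = 0.5  # assumed: unfamiliar circumstances can at most halve reliability


@dataclass
class Instance:
    technique: str
    match: float  # degree of match against enrollment data, 0..1


def circumstance_score(current: dict, history: list[dict]) -> float:
    """Best attribute overlap between the current attempt and any past success."""
    if not current or not history:
        return 0.0  # nothing on record to corroborate the attempt

    def overlap(past: dict) -> float:
        return sum(past.get(k) == v for k, v in current.items()) / len(current)

    return max(overlap(p) for p in history)


def trust_level(instances, current, history) -> float:
    """Combine match, technique reliability and circumstances into one score."""
    factor = FLOOR + (1 - FLOOR) * circumstance_score(current, history)
    per_instance = [
        min(max(i.match, 0.0), 1.0) * RELIABILITY.get(i.technique, 0.0) * factor
        for i in instances
    ]
    # Noisy-OR: treats the instances as independent evidence (an assumption).
    return 1 - prod(1 - c for c in per_instance)


# Constructed sample data: two past successful authentications for one user.
HISTORY = [
    {"country": "DE", "device": "laptop-1", "network": "203.0.113.0/24", "hour_band": "day"},
    {"country": "DE", "device": "phone-1", "network": "198.51.100.0/24", "hour_band": "evening"},
]
USUAL = dict(HISTORY[0])
ODD = {"country": "BR", "device": "unknown", "network": "192.0.2.0/24", "hour_band": "night"}
ATTEMPT = [Instance("password", 1.0), Instance("fingerprint", 0.9)]

if __name__ == "__main__":
    for label, ctx in (("usual", USUAL), ("odd", ODD)):
        print(label, round(trust_level(ATTEMPT, ctx, HISTORY), 3))
```

The same two credentials score differently depending only on the circumstances, so a relying party that requires a fixed trust level can accept the familiar attempt and ask for a further instance on the unfamiliar one.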
Specification