Behavior based identity system
Abstract
Disclosed are various embodiments for a behavior-based identity system that recognizes and/or authenticates users based at least in part on stored behavioral events which have been observed previously or have been preconfigured. Multiple behavioral events expressed by a client relative to multiple resources of a network site are observed. The behavioral events correspond to data that a user has elected to share, and the user may opt-in or opt-out of the behavior-based identity system. A comparison is performed between the observed behavioral events and multiple stored behavioral events associated with a user identity. An identity confidence level as to whether the user identity belongs to a user at the client is generated based at least in part on the comparison.
25 Claims
1. A non-transitory computer-readable medium embodying an identity management program executable in a computing device, comprising:
- code that stores, in a memory, a preconfigured sequence of behavioral events specified by an authenticated user in association with a user identity;
- code that, in response to receiving an assertion of the user identity from a client and receiving behavior verification data created by a server associated with a first network site, performs a comparison between a plurality of behavioral events and the preconfigured sequence of behavioral events associated with the user identity, the behavior verification data recording the plurality of behavioral events expressed by the client relative to a resource of the first network site, the plurality of behavioral events corresponding to at least one of: a client-side behavior relative to a rendered resource obtained from the first network site, a particular search query being executed in the first network site, a particular item being purchased in the first network site, or a particular resource being accessed;
- code that generates an identity confidence level as to whether the user identity belongs to a user at the client based at least in part on the comparison; and
- code that authenticates the user at the client to access a secured resource of a second network site in response to determining that the identity confidence level meets a threshold.
Dependent claims: 2, 3, 4, 5
6. A system, comprising:
- at least one computing device comprising a processor and a memory; and
- an identity management system executable in the at least one computing device, the identity management system comprising:
- logic that, in response to receiving a user specification of a preconfigured sequence of behavioral events, stores the preconfigured sequence of behavioral events in a memory in association with a user identity;
- logic that observes a plurality of behavioral events expressed by a client relative to a plurality of resources of a network site;
- logic that performs a comparison between the plurality of behavioral events and the preconfigured sequence of behavioral events associated with the user identity;
- logic that generates an identity confidence level as to whether the user identity belongs to a user at the client based at least in part on the comparison; and
- logic that authenticates the user at the client as having the user identity in response to determining that the identity confidence level meets a threshold.
Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A method implemented by an identity management system, the method comprising:
- receiving, via at least one of one or more computing devices comprising a processor and memory, an assertion of a user identity from a client;
- determining, via at least one of the one or more computing devices, a stored sequence of resources associated with the user identity, the stored sequence of resources being preconfigured by an authenticated user corresponding to the user identity;
- monitoring, via at least one of the one or more computing devices, a sequence of resources accessed by the client from a network site;
- performing, via at least one of the one or more computing devices, a comparison of the sequence of resources accessed by the client and the stored sequence of resources;
- generating, via at least one of the one or more computing devices, an identity confidence level as to whether the user identity belongs to a user at the client based at least in part on the comparison; and
- authenticating, via at least one of the one or more computing devices, the user at the client as having the user identity in response to determining that the identity confidence level meets a threshold.
Dependent claims: 22, 23, 24, 25
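The flow recited in claim 21 (stored sequence, monitored sequence, comparison, confidence level, threshold), as an added example that is not code from the patent. The longest-common-subsequence score, the 0.8 threshold, the bounded observation window and the resource paths are all assumptions made here; the claims do not specify how the comparison is computed.

```python
# Added illustration; scoring method, threshold and sample paths are assumptions.
from dataclasses import dataclass


def lcs_len(a, b):
    """Length of the longest common subsequence of a and b (order-preserving)."""
    prev = [0] * (len(b) + 1)
    for x in a:
        cur = [0]
        for j, y in enumerate(b, 1):
            cur.append(prev[j - 1] + 1 if x == y else max(prev[j], cur[j - 1]))
        prev = cur
    return prev[-1]


@dataclass
class IdentityManager:
    threshold: float = 0.8  # assumed confidence threshold
    slack: int = 2          # assumed number of unrelated requests tolerated

    def __post_init__(self):
        self.stored = {}    # user identity -> preconfigured resource sequence

    def preconfigure(self, identity, resources):
        # Must only be reachable by a user who is already authenticated.
        self.stored[identity] = list(resources)

    def confidence(self, identity, observed):
        stored = self.stored.get(identity)
        if not stored:
            return 0.0
        # Score only the most recent len(stored) + slack events, so a long
        # crawl of the site cannot accumulate an in-order match by volume.
        window = list(observed)[-(len(stored) + self.slack):]
        return lcs_len(stored, window) / len(stored)

    def authenticate(self, identity, observed):
        return self.confidence(identity, observed) >= self.threshold


# Constructed sample data: server-side record of resources a client accessed.
STORED = ["/help/returns", "/search?q=kayak", "/item/1234", "/about"]
WITH_NOISE = ["/help/returns", "/home", "/search?q=kayak", "/item/1234", "/about"]
CRAWL = list(reversed(STORED)) * 5  # every resource visited repeatedly, wrong order
```

Without the window, `lcs_len(STORED, CRAWL)` reaches a full match of 4, which is why the observed sequence is bounded before scoring.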
Specification