Method and apparatus for token-based real-time risk updating
Abstract
According to one embodiment, an apparatus may store a plurality of tokens indicating a user is accessing a resource over a network. The plurality of tokens may include a risk token indicating a risk associated with access by the user to the resource. The apparatus may detect a token indicating a change associated with accessing the resource, and determine that the change triggers a risk update. The apparatus may then generate a dataset token that represents the risk token and the token indicating the change, and communicate the dataset token to a token provider to perform the risk update. The apparatus may then receive a recomputed risk token representing an updated risk. The updated risk may indicate the risk associated with continuing access to the resource with the change.
12 Claims
1. An apparatus comprising:
a memory for storing a plurality of tokens indicating a user is accessing a resource over a network, wherein:
the plurality of tokens comprises a risk token indicating a risk associated with access by the user to the resource; and
each token of the plurality of tokens is associated with a layer of the Open Systems Interconnection stack; and
a processor for:
determining, based at least in part upon a form of authentication performed by the user, a numeric identity assurance level;
determining, based at least in part upon a form of security provided by the resource, a numeric trust level; and
determining, based at least in part upon the risk token, a numeric risk level;
detecting a network token indicating the network is experiencing jitter;
determining at least one token-based rule associated with the network token;
determining, based at least in part upon the at least one token-based rule, that the jitter triggers a risk update;
generating, in response to the determination that the jitter triggers the risk update, a dataset token that represents the risk token and the network token;
communicating the dataset token to a token provider to perform the risk update;
receiving a recomputed risk token representing an updated risk, the updated risk indicating the risk associated with continuing access to the resource with the change;
updating, based at least in part upon the at least one token-based rule and the recomputed risk token, the numeric risk level;
comparing the updated numeric risk level to a threshold risk level;
determining, based at least in part upon comparing the numeric risk level to the threshold risk level and based at least in part upon the identity assurance level and the trust level, that access to the resource should be terminated;
generating, in response to the determination that access to the resource should be terminated, a decision token representing the determination that access to the resource should be terminated; and
communicating the decision token to facilitate terminating access to the resource.
Dependent claims: 2, 3, 4
5. A method for receiving real-time risk rating information in a token-based environment, comprising:
storing a plurality of tokens indicating a user is accessing a resource over a network, wherein:
the plurality of tokens comprises a risk token indicating a risk associated with access by the user to the resource; and
each token of the plurality of tokens is associated with a layer of the Open Systems Interconnection stack;
determining, by the processor, based at least in part upon a form of authentication performed by the user, a numeric identity assurance level;
determining, by the processor, based at least in part upon a form of security provided by the resource, a numeric trust level; and
determining, by the processor, based at least in part upon the risk token, a numeric risk level;
detecting, by a processor, a network token indicating the network is experiencing jitter;
determine at least one token-based rule associated with the network token;
determining, by the processor, based at least in part upon the at least one token-based rule, that the jitter triggers a risk update;
generating, in response to the determination that the jitter triggers the risk update, a dataset token that represents the risk token and the network token;
communicating the dataset token to a token provider to perform the risk update;
receiving a recomputed risk token representing an updated risk, the updated risk indicating the risk associated with continuing access to the resource with the change;
updating, by the processor, based at least in part upon the at least one token-based rule and the recomputed risk token, the numeric risk level;
comparing, by the processor, the updated numeric risk level to a threshold risk level;
determining, by the processor, based at least in part upon comparing the numeric risk level to the threshold risk level and based at least in part upon the identity assurance level and the trust level, that access to the resource should be terminated;
generating, in response to the determination that access to the resource should be terminated, a decision token representing the determination that access to the resource should be terminated; and
communicating the decision token to facilitate terminating access to the resource.
Dependent claims: 6, 7, 8
9. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
store a plurality of tokens indicating a user is accessing a resource over a network, wherein:
the plurality of tokens comprises a risk token indicating a risk associated with access by the user to the resource; and
each token of the plurality of tokens is associated with a layer of the Open Systems Interconnection stack;
determine, based at least in part upon a form of authentication performed by the user, a numeric identity assurance level;
determine, based at least in part upon a form of security provided by the resource, a numeric trust level; and
determine, based at least in part upon the risk token, a numeric risk level;
detect a network token indicating the network is experiencing jitter;
determine at least one token-based rule associated with the network token;
determine, based at least in part upon the at least one token-based rule, that the jitter triggers a risk update;
generate, in response to the determination that the jitter triggers the risk update, a dataset token that represents the risk token and the network token;
communicate the dataset token to a token provider to perform the risk update;
receive a recomputed risk token representing an updated risk, the updated risk indicating the risk associated with continuing access to the resource with the change;
update, based at least in part upon the at least one token-based rule and the recomputed risk token, the numeric risk level;
compare the updated numeric risk level to a threshold risk level;
determine, based at least in part upon comparing the numeric risk level to the threshold risk level and based at least in part upon the identity assurance level and the trust level, that access to the resource should be terminated;
generate, in response to the determination that access to the resource should be terminated, a decision token representing the determination that access to the resource should be terminated; and
communicate the decision token to facilitate terminating access to the resource.
Dependent claims: 10, 11, 12
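The flow recited in the independent claims, sketched as an added illustration that is not taken from the patent. The `Token` class, the 30 ms jitter rule, the provider's scoring formula and the way assurance and trust offset the threshold are all assumptions chosen to make the steps concrete.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Token:
    kind: str       # "risk", "network", "dataset" or "decision"
    osi_layer: int  # every token is associated with an OSI layer (1-7)
    data: dict

JITTER_RULE_MS = 30  # assumed token-based rule: jitter above this triggers an update

def jitter_triggers_update(network: Token) -> bool:
    """Apply the (assumed) rule associated with the network token."""
    return network.kind == "network" and network.data.get("jitter_ms", 0) > JITTER_RULE_MS

def make_dataset_token(risk: Token, network: Token) -> Token:
    """Dataset token that represents both the risk token and the network token."""
    return Token("dataset", 7, {"risk": risk, "network": network})

def token_provider_recompute(dataset: Token) -> Token:
    """Stand-in for the remote token provider; the formula is an assumption."""
    base = dataset.data["risk"].data["level"]
    jitter = dataset.data["network"].data["jitter_ms"]
    return Token("risk", 7, {"level": min(10, base + jitter // 25)})

def evaluate_session(tokens, network, assurance, trust, threshold):
    """Return (numeric risk level, decision token or None)."""
    risk = next(t for t in tokens if t.kind == "risk")
    level = risk.data["level"]
    if not jitter_triggers_update(network):
        return level, None                      # no risk update triggered
    recomputed = token_provider_recompute(make_dataset_token(risk, network))
    level = recomputed.data["level"]            # updated numeric risk level
    # Assumed policy: stronger authentication and resource security
    # tolerate more risk before access is terminated.
    allowed = threshold + min(assurance, trust)
    if level > allowed:
        return level, Token("decision", 7, {"action": "terminate", "risk_level": level})
    return level, None

if __name__ == "__main__":
    # Constructed sample session: risk level 4, then 80 ms of jitter is reported.
    session = [Token("risk", 7, {"level": 4})]
    jittery = Token("network", 3, {"jitter_ms": 80})
    print(evaluate_session(session, jittery, assurance=1, trust=1, threshold=5))
```
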
Specification