Please download the dossier by clicking on the dossier button x
×

Adaptive client-aware session security

  • US 9,270,662 B1
  • Filed: 01/13/2014
  • Issued: 02/23/2016
  • Est. Priority Date: 01/13/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • under the control of one or more computer systems configured with executable instructions,receiving requests to access one or more computing resources, the requests including a request from an application executing on a remote computing device associated by the request with a first source Internet Protocol address, the request including a cookie encoding information about a session including information usable to authenticate the request using a weak authentication process;

    determining, based at least in part on the information about the session, whether the first source Internet Protocol address is different from a second source Internet Protocol address previously associated with the session;

    as a result of determining that the first source Internet Protocol address is different from the second source Internet Protocol address, determining, based at least in part on a classification of the second source Internet Protocol address from a set of classifications that includes a fixed Internet Protocol address classification and a variable Internet Protocol Address classification, whether to require a strong authentication process for fulfillment of the request;

    as a result of determining to require the strong authentication process, performing the strong authentication process; and

    as a result of successful authentication by performance of the strong authentication process, performing one or more operations to fulfill the request and updating a database that maintains information about the classification of the second source Internet protocol address.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×