Methods for facilitating improved user authentication using persistent data and devices thereof
First Claim
1. A method for facilitating improved user authentication using persistent data, the method comprising:
- obtaining, by an access policy management device, a first set of attributes based on a login request received from a client device, the first set of attributes including at least credentials for a user of the client device;
- identifying, by the access policy management device, a persistent data store record for the user and importing at least a second set of attributes associated with the user and included in the persistent data store record into a session cache record for the user;
- generating, by the access policy management device, a confidence level based on a comparison of a fingerprint comprising at least a subset of the second set of attributes to the first set of attributes, wherein the at least a subset of the second set of attributes comprise data obtained during prior sessions for the user;
- determining, by the access policy management device, when the confidence level exceeds a threshold confidence level;
- initiating, by the access policy management device, a multifactor authentication to determine when the user is authenticated by requesting authentication data from the client device for each of a plurality of factors, when the determining indicates that the confidence level does not exceed the threshold confidence level; and
- establishing, by the access policy management device, a session for the user and allowing access by the user to one or more network resources, when the determining indicates that the user is authenticated.
Abstract
A method, non-transitory computer readable medium, and access policy management computing device that obtains a first set of attributes based on a login request received from a client device. The first set of attributes includes at least credentials for a user of the client device. A persistent data store record for the user is identified and a second set of attributes associated with the user, and included in the persistent data store record, is imported into a session cache record for the user. A fingerprint including the second set of attributes is compared to the first set of attributes. A multifactor or single factor authentication is initiated based on a result of the comparison to determine when the credentials for the user are valid. A session for the user is established and access by the user to network resource(s) is allowed, when the credentials for the user are valid.
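The decision flow in the abstract, as an added sketch that is not code from the patent. The attribute names, integer weights, scoring rule and threshold are assumptions, because the page does not say how the confidence level is computed; credential validation itself is out of scope here.

```python
from dataclasses import dataclass, field

# Hypothetical weights (percent) per fingerprint attribute; not from the patent.
WEIGHTS = {"device_id": 40, "user_agent": 20, "geo_country": 20, "ip_prefix": 20}
THRESHOLD = 60  # assumed threshold confidence level


@dataclass
class PersistentRecord:
    """Attributes collected during prior sessions (the 'second set')."""
    attributes: dict = field(default_factory=dict)


def confidence_level(login_attrs, fingerprint):
    """Sum the weights of fingerprint attributes that the login request matches."""
    score = 0
    for name, weight in WEIGHTS.items():
        known = fingerprint.get(name)
        # An attribute missing from the fingerprint can never raise confidence.
        if known is not None and login_attrs.get(name) == known:
            score += weight
    return score


def decide(login_attrs, store):
    """Return (confidence, authentication path) for one login request."""
    record = store.get(login_attrs.get("username"))
    if record is None:
        # No persistent record: nothing to compare against, so step up.
        return 0, "multifactor"
    session_cache = dict(record.attributes)  # import into the session cache record
    fingerprint = {k: session_cache[k] for k in WEIGHTS if k in session_cache}
    conf = confidence_level(login_attrs, fingerprint)
    # The threshold must be exceeded; a score equal to it still triggers MFA.
    return conf, ("single_factor" if conf > THRESHOLD else "multifactor")


# Constructed sample data (addresses are documentation ranges).
STORE = {"alice": PersistentRecord({"device_id": "dev-1", "user_agent": "UA-A",
                                    "geo_country": "DE", "ip_prefix": "198.51.100"})}
KNOWN_LOGIN = {"username": "alice", "device_id": "dev-1", "user_agent": "UA-A",
               "geo_country": "DE", "ip_prefix": "198.51.100"}
NEW_DEVICE_LOGIN = dict(KNOWN_LOGIN, device_id="dev-9")
UNKNOWN_USER_LOGIN = dict(KNOWN_LOGIN, username="mallory")
```

In either path the credentials are still checked; the confidence level only decides whether the additional factors are requested.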
130 Citations
15 Claims
1. A method for facilitating improved user authentication using persistent data, the method comprising:
- obtaining, by an access policy management device, a first set of attributes based on a login request received from a client device, the first set of attributes including at least credentials for a user of the client device;
- identifying, by the access policy management device, a persistent data store record for the user and importing at least a second set of attributes associated with the user and included in the persistent data store record into a session cache record for the user;
- generating, by the access policy management device, a confidence level based on a comparison of a fingerprint comprising at least a subset of the second set of attributes to the first set of attributes, wherein the at least a subset of the second set of attributes comprise data obtained during prior sessions for the user;
- determining, by the access policy management device, when the confidence level exceeds a threshold confidence level;
- initiating, by the access policy management device, a multifactor authentication to determine when the user is authenticated by requesting authentication data from the client device for each of a plurality of factors, when the determining indicates that the confidence level does not exceed the threshold confidence level; and
- establishing, by the access policy management device, a session for the user and allowing access by the user to one or more network resources, when the determining indicates that the user is authenticated.

Dependent claims: 2, 3, 4, 5.

6. An access policy management device, comprising a processor and a memory coupled to the processor, wherein the memory comprises programmed instructions stored in the memory and a session cache and the processor is configured to be capable of executing the programmed instructions stored in the memory to:
- obtain a first set of attributes based on a login request received from a client device, the first set of attributes including at least credentials for a user of the client device;
- identify a persistent data store record for the user and importing at least a second set of attributes associated with the user and included in the persistent data store record into a record for the user in the session cache;
- generate a confidence level based on a comparison of a fingerprint comprising at least a subset of the second set of attributes to the first set of attributes;
- determine when the confidence level exceeds a threshold confidence level;
- initiate a multifactor authentication to determine when the user is authenticated by requesting authentication data from the client device for each of a plurality of factors, when the determining indicates that the confidence level does not exceed the threshold confidence level; and
- establish a session for the user and allowing access by the user to one or more network resources, when the determining indicates that the user is authenticated.

Dependent claims: 7, 8, 9, 10.

11. A non-transitory computer readable medium having stored thereon executable instructions for facilitating improved user authentication using persistent data comprising executable code which when executed by a processor, causes the processor to perform steps comprising:
- obtaining a first set of attributes based on a login request received from a client device, the first set of attributes including at least credentials for a user of the client device;
- identifying a persistent data store record for the user and importing at least a second set of attributes associated with the user and included in the persistent data store record into a session cache record for the user;
- generating a confidence level based on a comparison of a fingerprint comprising at least a subset of the second set of attributes to the first set of attributes;
- determining when the confidence level exceeds a threshold confidence level;
- initiating a multifactor authentication to determine when the user is authenticated by requesting authentication data from the client device for each of a plurality of factors, when the determining indicates that the confidence level does not exceed the threshold confidence level; and
- establishing a session for the user and allowing access by the user to one or more network resources, when the determining indicates that the user is authenticated.

Dependent claims: 12, 13, 14, 15.

Specification