
Managing user authentication in association with application access

  • US 9,736,169 B2
  • Filed: 07/02/2015
  • Issued: 08/15/2017
  • Est. Priority Date: 07/02/2015
  • Status: Active Grant
First Claim

1. A method comprising:

  • receiving, by a client computer and as part of a user located at the client computer attempting to access an application, primary user credentials from the user, wherein the primary user credentials include a user identifier and an additional authentication factor;

    attempting, by the client computer and in response to the receiving the primary user credentials, to authenticate the primary user credentials via a primary authentication mechanism hosted on an authentication server, wherein the authentication server is remote from the client computer;

    failing, by the client computer, to complete the attempt to authenticate the primary user credentials via the primary authentication mechanism due to the client computer being unable to establish a network connection with the authentication server;

    identifying, by the client computer, an access allowance rate for the primary authentication mechanism, the access allowance rate based on a plurality of prior completed authentication attempts associated with the user identifier, wherein the access allowance rate is stored locally on the client computer;

    comparing, by the client computer and in response to the failure to complete the authentication attempt via the primary authentication mechanism, the access allowance rate to a set of criteria;

    determining, by the client computer and based on the comparing, that the access allowance rate satisfies the set of criteria;

    prompting, by the client computer and in response to the determining that the access allowance rate satisfies the set of criteria, the user to provide a second additional authentication factor;

    receiving, by the client computer and in response to the prompting, the second additional authentication factor;

    authenticating, by a secondary authentication mechanism hosted on the client computer, the second additional authentication factor;

    allowing, in response to the authentication via the secondary authentication mechanism, the user access to the application, wherein the inability to complete the authentication attempt via the primary authentication mechanism causes the allowed access to be read-only access for a main portion of a database, the main portion of the database including a primary version of a data set;

    receiving, by the client computer and after the allowing the user access to the application, a user request to modify the data set;

    storing, in response to the user request, a modified version of the data set in a quarantine portion of the database;

    establishing, by the client computer and after the storing the modified version of the data set, the network connection with the authentication server;

    determining, by the client computer and in response to the establishing the network connection, whether the primary user credentials are currently authenticated by the primary authentication mechanism;

    in response to determining that the primary user credentials are currently authenticated by the primary authentication mechanism, replacing, by the client computer, the primary version of the data set in the main portion of the database with the modified version of the data set and expanding, by the client computer, the allowed access for the main portion of the database from read-only access to full access; and

    in response to determining that the primary user credentials are not currently authenticated by the primary authentication mechanism, deleting, by the client computer, the modified version of the data set in the quarantine portion of the database and revoking, by the client computer, the allowed access.
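The client-side flow of claim 1, sketched as an added example (not code from the patent or its assignee). All class, method and field names are hypothetical, and the sketch assumes the access allowance rate is a fraction between 0 and 1 checked against a minimum threshold, since the claim only says it is compared to "a set of criteria".

```python
import hashlib, hmac
from dataclasses import dataclass, field

def kdf(factor: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", factor.encode(), salt, 100_000)

@dataclass
class OfflineFallbackClient:
    allowance_rate: dict    # user -> locally stored rate from prior completed attempts
    second_factor: dict     # user -> (salt, derived key) for the local secondary mechanism
    main: dict              # main portion: primary versions of data sets
    threshold: float = 0.9  # assumed criterion, not taken from the claim
    quarantine: dict = field(default_factory=dict)  # per-user modified versions
    access: dict = field(default_factory=dict)      # user -> "read-only" | "full"

    def login_offline(self, user, factor):
        """Called after the primary attempt failed for lack of a network connection."""
        if self.allowance_rate.get(user, 0.0) < self.threshold:
            return None                       # criteria not satisfied: no fallback prompt
        salt, expected = self.second_factor.get(user, (b"", b""))
        if not hmac.compare_digest(kdf(factor, salt), expected):
            return None                       # secondary mechanism rejected the factor
        self.access[user] = "read-only"
        return "read-only"

    def modify(self, user, key, value):
        level = self.access.get(user)
        if level == "full":
            self.main[key] = value
            return "main"
        if level == "read-only":              # main stays untouched while offline
            self.quarantine.setdefault(user, {})[key] = value
            return "quarantine"
        raise PermissionError("no access")

    def reconnect(self, user, currently_authenticated):
        """Server reachable again: its verdict on the primary credentials decides."""
        pending = self.quarantine.pop(user, {})
        if currently_authenticated:
            self.main.update(pending)         # replace primary versions with modified ones
            self.access[user] = "full"
        else:
            self.access.pop(user, None)       # quarantined edits are deleted, access revoked
        return self.access.get(user)

if __name__ == "__main__":
    salt = b"constructed-salt"                # constructed sample values
    c = OfflineFallbackClient({"alice": 0.97}, {"alice": (salt, kdf("pin-1234", salt))}, {"report": "v1"})
    print(c.login_offline("alice", "pin-1234"), c.modify("alice", "report", "v2"), c.reconnect("alice", True), c.main)
```

Keying the quarantine by user means a failed re-authentication discards only that user's pending edits, and nothing written offline reaches the main portion before the server confirms the primary credentials.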
