Continuous authentication confidence module
First Claim
1. A system comprising:
- processor circuitry to operate in a trusted execution environment (TEE);
- sensor circuitry comprising at least one sensor to capture sensor input and a system monitoring module to monitor operation of the system and to collect monitor data related to the monitoring;
- communication circuitry to communicate with a remote communication partner; and
- a continuous authentication confidence module (CACM) to execute in the TEE and to:
  - determine a confidence score in response to an initial authentication of a specific user, the confidence score to indicate a current strength of authentication at a point in time during a session;
  - select a type of presence data for use to update the confidence score based, at least in part, on a level of the confidence score, wherein the CACM is to select a first presence data to update the confidence score when the confidence score is less than a first threshold and select a second presence data to update the confidence score when the confidence score is greater than the first threshold, wherein the first presence data acquisition is to consume more power than the second presence data acquisition;
  - update the confidence score based, at least in part, on at least one of an expectation of user presence and the selected type of presence data; and
  - notify the remote communication partner that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold.
Abstract
Generally, this disclosure describes a continuous authentication confidence module. A system may include a user device including processor circuitry configured to determine presence data; a confidence factor including at least one of a sensor configured to capture sensor input and a system monitoring module configured to monitor activity of the user device; memory configured to store a confidence score and an operating system; and a continuous authentication confidence module configured to determine the confidence score in response to an initial authentication of a specific user, update the confidence score based, at least in part, on an expectation of user presence and/or selected presence data, and notify the operating system that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold; the initial authentication configured to open a session, the confidence score configured to indicate a current strength of authentication during the session.
17 Claims
1. A system comprising: (recited in full under First Claim above)
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method comprising:
- determining, in a trusted execution environment (TEE) of a computing device, a confidence score in response to an initial authentication of a specific user to the computing device, the confidence score to indicate a current strength of authentication at a point in time during a session established between the computing device and a remote communication partner;
- selecting, in the TEE, a type of presence data for use to update the confidence score based, at least in part, on a level of the confidence score and when the confidence score is at or above a confidence score power threshold, selecting the type of presence data based at least in part on a power consumption associated with acquisition of the selected type of presence data;
- updating, in the TEE, the confidence score based, at least in part, on at least one of an expectation of user presence and the selected type of presence data; and
- notifying the remote communication partner that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold.
Dependent claims: 12, 13, 14
15. At least one non-transitory computer readable storage medium comprising instructions that when executed enable a system to:
- determine, in a trusted execution environment (TEE) of the system, a confidence score in response to an initial authentication of a specific user to the system, the confidence score to indicate a current strength of authentication at a point in time during a session established between the system and a remote communication partner;
- select, in the TEE, a type of presence data for use to update the confidence score based, at least in part, on a level of the confidence score and when the confidence score is at or above a confidence score power threshold, select the type of presence data based at least in part on a power consumption associated with acquisition of the selected type of presence data;
- update, in the TEE, the confidence score based, at least in part, on at least one of an expectation of user presence and the selected type of presence data; and
- notify the remote communication partner that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold.
Dependent claims: 16, 17
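The select / update / notify cycle recited in claim 1, sketched as an added example; it is not code from the patent. The score scale, thresholds, decay rule, sensor names, sample readings and the reading of "within a tolerance of" as score <= close threshold + tolerance are all assumptions.

```python
from dataclasses import dataclass, field

# Illustrative assumptions: the claims give no scale, threshold values,
# update rule or sensor names. Everything numeric here is hypothetical.
INITIAL_SCORE = 90.0     # score set by the initial authentication
FIRST_THRESHOLD = 60.0   # below this, the higher-power presence data is used
SESSION_CLOSE = 30.0     # session close threshold
TOLERANCE = 5.0          # margin for "within a tolerance of"
DECAY_PER_TICK = 8.0     # falling expectation of user presence per cycle
# (hypothetical sensor name, relative acquisition power): first costs more
FIRST_PRESENCE = ("camera_face_match", 10)
SECOND_PRESENCE = ("keyboard_activity", 1)

@dataclass
class CACM:
    score: float = INITIAL_SCORE
    valid: bool = True
    power_used: int = 0
    notifications: list = field(default_factory=list)

    def select_presence_data(self):
        """Low confidence buys costly evidence; high confidence stays cheap."""
        return FIRST_PRESENCE if self.score < FIRST_THRESHOLD else SECOND_PRESENCE

    def tick(self, readings):
        """One cycle; readings maps sensor name -> score delta."""
        if not self.valid:
            return None  # session already reported invalid
        name, power = self.select_presence_data()
        self.power_used += power
        # Only the selected presence data is consulted; others are ignored.
        delta = readings.get(name, 0.0) - DECAY_PER_TICK
        self.score = max(0.0, min(100.0, self.score + delta))
        if self.score <= SESSION_CLOSE + TOLERANCE:
            self.valid = False
            self.notifications.append("authentication no longer valid")
        return name

# Constructed trace: typing, idle, a face match, idle, then a face mismatch.
SAMPLE_TRACE = [{"keyboard_activity": 6}, {}, {}, {}, {},
                {"camera_face_match": 30}, {}, {}, {},
                {"camera_face_match": -15}, {}]

def run_session(trace=SAMPLE_TRACE):
    cacm = CACM()
    used = [cacm.tick(r) for r in trace]
    return cacm, used
```

`notifications` stands in for the message sent to the remote communication partner; the claims do not specify its format.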
Specification