Adaptive multi-factor authentication system
First Claim
1. A machine for improved secure access to computing devices, systems, resources, or services, comprising:
- one or more computer servers with authentication modality data stored thereon for a plurality of authentication modalities, wherein the authentication modality data for each authentication modality comprises a trustworthiness factor for each of one or more user input devices, a trustworthiness factor for each of one or more user connection media, and a computational complexity cost factor; and
a processor or microprocessor, wherein the processor or microprocessor is programmed to determine one or more of said authentication modalities to use for an authentication verification event by;
determining the objective trustworthiness value for each modality based on device trustworthiness factors and connection media trustworthiness factors for said modality;
determining a penalty value for each modality based on the computation complexity cost factor for said modality and the previous selection history of said modality for previous authentication verification events;
ranking the authentication modalities based on the objective trustworthiness value and the penalty value; and
applying one or more authentication modalities in order of ranking.
5 Assignments
0 Petitions
Accused Products
Abstract
A system and methodology for adaptive selection of multiple modalities for authentication in different operating environments, thereby making authentication strategy unpredictable so to significantly reduce the risk of exploitation by authentication-guessing attacks. The system calculates trustworthiness values of different authentication factors under various environmental settings, and combines a trust-based adaptive, robust and scalable software-hardware framework for the selection of authentication factors for continuous and triggered authentication with optimal algorithms to determine the security parameters of each of the authentication factors. A subset of authentication factors thus are determined for application at triggering events on-the-fly, thereby leaving no exploitable a priori pattern or clue for hackers to exploit.
-
Citations
10 Claims
-
1. A machine for improved secure access to computing devices, systems, resources, or services, comprising:
-
one or more computer servers with authentication modality data stored thereon for a plurality of authentication modalities, wherein the authentication modality data for each authentication modality comprises a trustworthiness factor for each of one or more user input devices, a trustworthiness factor for each of one or more user connection media, and a computational complexity cost factor; and a processor or microprocessor, wherein the processor or microprocessor is programmed to determine one or more of said authentication modalities to use for an authentication verification event by; determining the objective trustworthiness value for each modality based on device trustworthiness factors and connection media trustworthiness factors for said modality; determining a penalty value for each modality based on the computation complexity cost factor for said modality and the previous selection history of said modality for previous authentication verification events; ranking the authentication modalities based on the objective trustworthiness value and the penalty value; and applying one or more authentication modalities in order of ranking. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification
-
- Resources
-
Current AssigneeUniversity of Memphis, University of Memphis Research Foundation
-
Original AssigneeAbhijit Kumar Nag, Arunava Roy
-
InventorsDasgupta, Dipankar, Nag, Abhijit Kumar, Roy, Arunava
-
Primary Examiner(s)Song, Hosuk
-
Application NumberUS14/968,676Publication NumberTime in Patent Office813 DaysField of Search726 2- 7, 713168, 713182, 713185, 713186US Class CurrentCPC Class CodesG06F 21/316 by observing the pattern of...G06F 21/32 using biometric data, e.g. ...G06F 21/36 by graphic or iconic repres...G06F 21/40 by quorum, i.e. whereby two...G06F 21/45 Structures or tools for the...H04L 2463/082 applying multi-factor authe...H04L 63/08 for authentication of entit...H04L 63/083 using passwords cryptograph...H04L 63/0861 using biometrical features,...
