Adaptive multi-factor authentication system
First Claim
1. A machine for improved secure access to computing devices, systems, resources, or services, comprising:
- one or more computer servers with authentication modality data stored thereon for a plurality of authentication modalities, wherein the authentication modality data for each authentication modality comprises a trustworthiness factor for each of one or more user input devices, a trustworthiness factor for each of one or more user connection media, and a computational complexity cost factor; and
- a processor or microprocessor, wherein the processor or microprocessor is programmed to determine one or more of said authentication modalities to use for an authentication verification event by;
  - determining the objective trustworthiness value for each modality based on device trustworthiness factors and connection media trustworthiness factors for said modality;
  - determining a penalty value for each modality based on the computation complexity cost factor for said modality and the previous selection history of said modality for previous authentication verification events;
  - ranking the authentication modalities based on the objective trustworthiness value and the penalty value; and
  - applying one or more authentication modalities in order of ranking.
Abstract
A system and methodology for adaptive selection of multiple modalities for authentication in different operating environments, thereby making the authentication strategy unpredictable so as to significantly reduce the risk of exploitation by authentication-guessing attacks. The system calculates trustworthiness values of different authentication factors under various environmental settings, and combines a trust-based adaptive, robust and scalable software-hardware framework for the selection of authentication factors for continuous and triggered authentication with optimal algorithms to determine the security parameters of each of the authentication factors. A subset of authentication factors is thus determined for application at triggering events on-the-fly, thereby leaving no a priori pattern or clue for hackers to exploit.
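The four steps of claim 1, as an added Python sketch that is not code from the patent. The claim fixes no formulas, so the product used for objective trustworthiness, the cost-plus-usage-share penalty, the score `trust - penalty`, the weights, and all modality names and factor values are assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Modality:
    name: str
    device_trust: dict  # input device -> trustworthiness factor, 0..1
    media_trust: dict   # connection medium -> trustworthiness factor, 0..1
    cost: float         # computational complexity cost factor, 0..1

# Constructed sample data; none of these values come from the patent.
MODALITIES = [
    Modality("password", {"keyboard": 0.9, "touchscreen": 0.7},
             {"wired": 0.9, "public_wifi": 0.5}, 0.1),
    Modality("fingerprint", {"touchscreen": 0.9},
             {"wired": 0.9, "public_wifi": 0.8}, 0.4),
    Modality("face", {"touchscreen": 0.8},
             {"wired": 0.9, "public_wifi": 0.8}, 0.6),
    Modality("otp_sms", {"keyboard": 0.8, "touchscreen": 0.8},
             {"wired": 0.8, "public_wifi": 0.6}, 0.2),
]

def objective_trust(m, device, medium):
    # Assumed combination: product of the device and medium factors.
    return m.device_trust.get(device, 0.0) * m.media_trust.get(medium, 0.0)

def penalty(m, history, w_cost=0.2, w_hist=0.5):
    # Assumed form: weighted cost plus the share of past selections that used m.
    share = Counter(history)[m.name] / len(history) if history else 0.0
    return w_cost * m.cost + w_hist * share

def rank(device, medium, history):
    scored = []
    for m in MODALITIES:
        trust = objective_trust(m, device, medium)
        if trust > 0:  # skip modalities this device or medium cannot support
            scored.append((round(trust - penalty(m, history), 4), m.name))
    return [name for _, name in sorted(scored, reverse=True)]

def simulate(device, medium, events, k=2):
    # Apply the top-k modalities per event and feed them back into the history.
    history, picks = [], []
    for _ in range(events):
        chosen = rank(device, medium, history)[:k]
        picks.append(chosen)
        history.extend(chosen)
    return picks

if __name__ == "__main__":
    for n, chosen in enumerate(simulate("touchscreen", "public_wifi", 3), 1):
        print(f"event {n}: {chosen}")
```

Because this sketch is deterministic, anyone who knows the weights and the selection history can predict the next pick; it shows only how the history penalty rotates modalities across events.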
10 Claims
Claims 2, 3, 4, 5, 6, 7, 8, 9 and 10 depend on claim 1.
Specification