Multi-factor authentication using a user behavior profile as a factor

US 10,326,775 B2
Filed: 05/08/2018
Issued: 06/18/2019
Est. Priority Date: 05/15/2017
Status: Active Grant

First Claim

Patent Images

1. A computer-implementable method for performing a multi-factor authentication operation, comprising:

monitoring electronically-observable user behavior of a user, the electronically-observable user behavior comprising a behavior exhibited by a user that is observed through the use of at least one of an electronic device, a computer system and a software application executing on the computing system;

converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior;

generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior;

identifying a first user behavior factor as a known good user behavior factor when the user behavior corresponds to a known good user behavior;

identifying a second user behavior factor as an anomalous user behavior factor when the user behavior corresponds to an anomalous behavior;

using one of the first and second user behavior factors as a factor of a multi-factor authentication when authenticating the user, the multi-factor authentication being strengthened when the user behavior factor comprises the known good user behavior factor; and

,modifying an outcome of the multi-factor authentication when authenticating the user when the user behavior factor comprises the anomalous user behavior factor; and

whereinthe multi-factor authentication uses three authentication factors in addition to using the user behavior factor when performing the multi-factor authentication;

the user behavior factor provides a fourth authentication factor, the fourth authentication factor being uniquely associated with the user, the fourth authentication factor representing at least one of what the user has done, what the user is currently doing and what the user is expected to do, use of the user behavior factor when performing the multi-factor authentication following the use of the three authentication factors when performing the multifactor authentication; and

,the multi-factor authentication is strengthened when performing the multi-factor authentication by an addition of the fourth authentication factor, the fourth authentication factor being uniquely associated with the user.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-usable medium are disclosed for performing a multi-factor authentication operation, comprising: monitoring electronically-observable user behavior; converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior; generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior; and, using the user behavior factor as a factor of a multi-factor authentication.

142 Citations

20 Claims

1. A computer-implementable method for performing a multi-factor authentication operation, comprising:
- monitoring electronically-observable user behavior of a user, the electronically-observable user behavior comprising a behavior exhibited by a user that is observed through the use of at least one of an electronic device, a computer system and a software application executing on the computing system;
  
  converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior;
  
  generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior;
  
  identifying a first user behavior factor as a known good user behavior factor when the user behavior corresponds to a known good user behavior;
  
  identifying a second user behavior factor as an anomalous user behavior factor when the user behavior corresponds to an anomalous behavior;
  
  using one of the first and second user behavior factors as a factor of a multi-factor authentication when authenticating the user, the multi-factor authentication being strengthened when the user behavior factor comprises the known good user behavior factor; and
  
  ,modifying an outcome of the multi-factor authentication when authenticating the user when the user behavior factor comprises the anomalous user behavior factor; and
  
  whereinthe multi-factor authentication uses three authentication factors in addition to using the user behavior factor when performing the multi-factor authentication;
  
  the user behavior factor provides a fourth authentication factor, the fourth authentication factor being uniquely associated with the user, the fourth authentication factor representing at least one of what the user has done, what the user is currently doing and what the user is expected to do, use of the user behavior factor when performing the multi-factor authentication following the use of the three authentication factors when performing the multifactor authentication; and
  
  ,the multi-factor authentication is strengthened when performing the multi-factor authentication by an addition of the fourth authentication factor, the fourth authentication factor being uniquely associated with the user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein:
    - the three authentication factors comprise a first authentication factor, a second authentication factor and a third authentication factor, the first authentication factor being something the user knows, the second authentication factor being something the user possesses and the third authentication factor being something that is inherent to the user.
  - 3. The method of claim 1, wherein:
    - the user behavior factor includes a user behavior element.
  - 4. The method of claim 3, wherein:
    - the user behavior element is associated with a corresponding user behavior profile; and
      
      ,the user behavior profile is used when performing the multi-factor authentication.
  - 5. The method of claim 1, wherein:
    - the multi-factor authentication is performed on at least one of a recurring basis and at certain time intervals during enactment of a particular user behavior.
  - 6. The method of claim 1, wherein:
    - the multi-factor authentication is performed in response to detection of a particular user behavior.

7. A system comprising:
- a processor;
  
  a data bus coupled to the processor; and
  
  a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for;
  
  monitoring electronically-observable user behavior of a user, the electronically-observable user behavior comprising a behavior exhibited by a user that is observed through the use of at least one of an electronic device, a computer system and a software application executing on the computing system;
  
  converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior;
  
  generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior;
  
  identifying a first user behavior factor as a known good user behavior factor when the user behavior corresponds to a known good user behavior;
  
  identifying a second user behavior factor as an anomalous user behavior factor when the user behavior corresponds to an anomalous behavior;
  
  using one of the first and second user behavior factors as a factor of a multi-factor authentication when authenticating the user, the multi-factor authentication being strengthened when the user behavior factor comprises the known good user behavior factor; and
  
  ,modifying an outcome of the multi-factor authentication when authenticating the user when the user behavior factor comprises the anomalous user behavior factor; and
  
  whereinthe multi-factor authentication uses three authentication factors in addition to using the user behavior factor when performing the multi-factor authentication;
  
  the user behavior factor provides a fourth authentication factor, the fourth authentication factor being uniquely associated with the user, the fourth authentication factor representing at least one of what the user has done, what the user is currently doing and what the user is expected to do, use of the user behavior factor when performing the multi-factor authentication following the use of the three authentication factors when performing the multifactor authentication; and
  
  ,the multi-factor authentication is strengthened when performing the multi-factor authentication by an addition of the fourth authentication factor, the fourth authentication factor being uniquely associated with the user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein:
    - the three authentication factors comprise a first authentication factor, a second authentication factor and a third authentication factor, the first authentication factor being something the user knows, the second authentication factor being something the user possesses and the third authentication factor being something that is inherent to the user.
  - 9. The system of claim 7, wherein:
    - the user behavior factor includes a user behavior element.
  - 10. The system of claim 7, wherein:
    - the user behavior element is associated with a corresponding user behavior profile; and
      
      ,the user behavior profile is used when performing the multi-factor authentication.
  - 11. The system of claim 7, wherein:
    - the multi-factor authentication is performed on at least one of a recurring basis and at certain time intervals during enactment of a particular user behavior.
  - 12. The system of claim 7, wherein:
    - the multi-factor authentication is performed in response to detection of a particular user behavior.

13. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
- monitoring electronically-observable user behavior of a user, the electronically-observable user behavior comprising a behavior exhibited by a user that is observed through the use of at least one of an electronic device, a computer system and a software application executing on the computing system;
  
  converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior;
  
  generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior;
  
  identifying a first user behavior factor as a known good user behavior factor when the user behavior corresponds to a known good user behavior;
  
  identifying a second user behavior factor as an anomalous user behavior factor when the user behavior corresponds to an anomalous behavior;
  
  using one of the first and second user behavior factors as a factor of a multi-factor authentication when authenticating the user, the multi-factor authentication being strengthened when the user behavior factor comprises the known good user behavior factor; and
  
  ,modifying an outcome of the multi-factor authentication when authenticating the user when the user behavior factor comprises the anomalous user behavior factor; and
  
  whereinthe multi-factor authentication uses three authentication factors in addition to using the user behavior factor when performing the multi-factor authentication;
  
  the user behavior factor provides a fourth authentication factor, the fourth authentication factor being uniquely associated with the user, the fourth authentication factor representing at least one of what the user has done, what the user is currently doing and what the user is expected to do, use of the user behavior factor when performing the multi-factor authentication following the use of the three authentication factors when performing the multifactor authentication; and
  
  ,the multi-factor authentication is strengthened when performing the multi-factor authentication by an addition of the fourth authentication factor, the fourth authentication factor being uniquely associated with the user.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the three authentication factors comprise a first authentication factor, a second authentication factor and a third authentication factor, the first authentication factor being something the user knows, the second authentication factor being something the user possesses and the third authentication factor being something that is inherent to the user.
  - 15. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the user behavior factor includes a user behavior element.
  - 16. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the user behavior element is associated with a corresponding user behavior profile; and
      
      ,the user behavior profile is used when performing the multi-factor authentication.
  - 17. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the multi-factor authentication is performed on at least one of a recurring basis and at certain time intervals during enactment of a particular user behavior.
  - 18. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the multi-factor authentication is performed in response to detection of a particular user behavior.
  - 19. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the computer executable instructions are deployable to a client system from a server system at a remote location.
  - 20. The non-transitory, computer-readable storage medium of claim 13, wherein:
    - the computer executable instructions are provided by a service provider to a user on an on-demand basis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Forcepoint LLC
Original Assignee
Forcepoint LLC
Inventors
Ford, Richard Anthony, Swafford, Brandon L.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US15/974,237
Publication Number

US 20180332071A1
Time in Patent Office

406 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/14   for detecting or protecting...

H04L 63/1433   Vulnerability analysis

H04L 67/306   User profiles

H04L 9/3236   using cryptographic hash fu...

H04L 9/50   using hash chains, e.g. blo...

Multi-factor authentication using a user behavior profile as a factor

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

142 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Multi-factor authentication using a user behavior profile as a factor

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

142 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others