Dynamic trust model for authenticating a user
First Claim
1. A method for authenticating a user, comprising:
determining, by computer, a trust level for the user after a first elapsed time, wherein the trust level is a function of the first elapsed time since the user previously provided authentication information, wherein the trust level decays as a function of the first elapsed time, and wherein a higher trust level is associated with a slower rate of decay of the trust level;
receiving notice of an identified security threat that affects multiple users;
determining a new rate of decay of the trust level based on the identified security threat;
determining a new trust level after a second elapsed time since receiving notice of the identified security threat, wherein the new trust level is obtained by multiplying the second elapsed time with the new rate of decay of the trust level;
calculating a transaction risk level based on a type of user transaction performed by the user; and
requesting additional authentication information from the user when the transaction risk level exceeds the new trust level.
Abstract
A system that dynamically authenticates one or more users is described. During operation, the computer system determines a trust level for a user, where the trust level is a function of elapsed time since the user previously provided authentication information. Next, the computer system calculates a transaction risk level based on a type of user transaction performed by the user. Then, the computer system requests additional authentication information from the user based on the trust level and the transaction risk level.
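The decision flow described in the abstract and in claim 1, as an added sketch that is not code from the patent. Assumptions: linear decay measured in hours, a decay rate inversely proportional to the trust granted at authentication, a threat severity that scales the rate, and a constructed risk table; all names and numbers are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed risk scores per transaction type (assumption; the page gives no values).
TRANSACTION_RISK = {"view_balance": 0.2, "update_profile": 0.5, "wire_transfer": 0.8}
BASE_DECAY_PER_HOUR = 0.05  # assumed base rate, trust units per hour


@dataclass
class Session:
    initial_trust: float                # trust granted at last authentication, (0, 1]
    threat_at: Optional[float] = None   # hours after authentication when the notice arrived
    threat_multiplier: float = 1.0      # assumed scaling of the decay rate under a threat

    def __post_init__(self) -> None:
        if not 0.0 < self.initial_trust <= 1.0:
            raise ValueError("initial_trust must be in (0, 1]")

    def decay_rate(self) -> float:
        # Higher trust level -> slower decay (assumed inverse relationship).
        return BASE_DECAY_PER_HOUR / self.initial_trust

    def notify_threat(self, hours_since_auth: float, severity: float) -> None:
        # A threat affecting multiple users sets a new, faster rate of decay.
        self.threat_at = hours_since_auth
        self.threat_multiplier = 1.0 + severity

    def trust(self, hours_since_auth: float) -> float:
        rate = self.decay_rate()
        if self.threat_at is None or hours_since_auth <= self.threat_at:
            return max(0.0, self.initial_trust - rate * hours_since_auth)
        # One reading of claim 1: take the trust held when the notice arrived,
        # then subtract (second elapsed time) x (new rate of decay).
        at_notice = max(0.0, self.initial_trust - rate * self.threat_at)
        second_elapsed = hours_since_auth - self.threat_at
        return max(0.0, at_notice - rate * self.threat_multiplier * second_elapsed)


def needs_step_up(session: Session, hours_since_auth: float, tx_type: str) -> bool:
    # Unknown transaction types are treated as maximum risk (fail closed).
    risk = TRANSACTION_RISK.get(tx_type, 1.0)
    # Request additional authentication when risk exceeds the current trust level.
    return risk > session.trust(hours_since_auth)
```

With these numbers, a session authenticated at trust 0.9 can still update a profile four hours later, but the same request triggers re-authentication if a threat notice of severity 3 arrived at the two-hour mark.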
19 Claims
16. A non-transitory computer-readable storage medium storing instructions that, when executed by a computer, cause the computer to perform a method for authenticating and authorizing a user, the method comprising:
determining a trust level for a user after a first elapsed time, wherein the trust level is a function of the first elapsed time since the user previously provided authentication information, wherein the trust level decays as a function of the first elapsed time, and wherein a higher trust level is associated with a slower rate of decay of the trust level;
receiving notice of an identified security threat that affects multiple users;
determining a new rate of decay of the trust level based on the identified security threat;
determining a new trust level after a second elapsed time since receiving notice of the identified security threat, wherein the new trust level is obtained by multiplying the second elapsed time with the new rate of decay of the trust level;
calculating a transaction risk level based on a type of user transaction performed by the user; and
requesting additional authentication information from the user when the transactional risk level exceeds the new trust level.
18. A computer system, comprising:
a processor;
memory; and
a program module, wherein the program module is stored in the memory and configured to be executed by the processor, the program module including:
instructions for determining a trust level for a user after a first elapsed time, wherein the trust level is a function of the first elapsed time since the user previously provided authentication information, wherein the trust level decays as a function of the first elapsed time, and wherein a higher trust level is associated with a slower rate of decay of the trust level;
instructions for receiving notice of an identified security threat that affects multiple users;
instructions for determining a new rate of decay of the trust level based on the identified security threat;
instructions for determining a new trust level after a second elapsed time since receiving notice of the identified security threat, wherein the new trust level is obtained by multiplying the second elapsed time with the new rate of decay of the trust level;
instructions for calculating a transaction risk level based on a type of user transaction performed by the user; and
instructions for requesting additional authentication information from the user when the transactional risk level exceeds the new trust level.
Specification