Risk-based authentication duration
1 Assignment
0 Petitions
Abstract
Disclosed are various embodiments that perform confidence-based authentication of a user. A request from a user is obtained, where the request pertains to an operation on a network site. An authentication duration for the user is determined, based on a risk to the user of performing the operation. A determination is made whether a current session associated with the user has expired, based on the authentication duration. The operation requested by the user is performed in response to the determination that the current session associated with the user has expired.
15 Citations
20 Claims
1. A computer-implemented method, comprising:
- obtaining, via at least one of one or more computing devices, a plurality of whitelist operations to be performed on a network site and a plurality of blacklist operations to be performed on a network site from a user;
- determining, via at least one of the one or more computing devices, an authentication duration for the user based at least in part on a risk of performing an operation in response to obtaining a request from the user for the operation, the authentication duration based at least in part on the operation being one of the plurality of blacklist operations or one of the plurality of whitelist operations; and
- initiating, via at least one of the one or more computing devices, an authentication procedure to re-authenticate the user in response to determining that a current session for the operation has expired based at least in part on the authentication duration.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A system, comprising:
- at least one computing device; and
- an authentication application executable in the at least one computing device, the authentication application comprising:
  - logic that obtains a plurality of whitelist operations and a plurality of blacklist operations from a user;
  - logic that computes a base risk for an operation in response to obtaining a request from the user for the operation, the base risk measuring a risk of performing the operation, the base risk based at least in part on whether the operation is one of the plurality of blacklist operations or one of the plurality of whitelist operations; and
  - logic that determines an authentication duration for the user based at least in part on the base risk, the authentication duration based at least in part on whether the operation is one of the plurality of blacklist operations or one of the plurality of whitelist operations.
Dependent claims: 12, 13, 14, 15, 16, 17

18. A non-transitory computer-readable medium embodying a program executable by a computing device, the program comprising:
- code that obtains a whitelist operation and a blacklist operation from a user;
- code that determines an authentication duration for the whitelist operation and an authentication duration for the blacklist operation, the authentication duration for the whitelist operation being longer relative to the authentication duration for the blacklist operation;
- code that obtains a request from the user for an operation;
- code that re-authenticates the user upon expiration of the authentication duration for the whitelist operation in response to determining that the operation is the whitelist operation; and
- code that re-authenticates the user upon expiration of the authentication duration for the blacklist operation in response to determining that the operation is the blacklist operation.
Dependent claims: 19, 20
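The per-operation session check that claims 1, 11 and 18 describe can be sketched as follows. This is an added example, not code from the patent or its assignee; the operation names, the three duration values, the risk values and the handling of unclassified or doubly classified operations are assumptions.

```python
from dataclasses import dataclass, field

# Assumed durations in seconds; the claims only require that whitelist
# operations get a longer duration than blacklist operations.
WHITELIST_TTL = 30 * 24 * 3600
DEFAULT_TTL = 24 * 3600
BLACKLIST_TTL = 5 * 60


@dataclass
class UserPolicy:
    """Operations the user classified (hypothetical operation names)."""
    whitelist: set = field(default_factory=set)
    blacklist: set = field(default_factory=set)

    def __post_init__(self):
        # An operation on both lists is ambiguous: fail closed and treat
        # it as blacklisted only (assumption, not stated in the claims).
        self.whitelist = self.whitelist - self.blacklist


def base_risk(policy, operation):
    """Risk in [0, 1] of performing the operation (claim 11's base risk)."""
    if operation in policy.blacklist:
        return 1.0
    if operation in policy.whitelist:
        return 0.0
    return 0.5  # unclassified operations get a middle value (assumption)


def auth_duration(policy, operation):
    """Map base risk to how long the last authentication stays valid."""
    risk = base_risk(policy, operation)
    if risk >= 1.0:
        return BLACKLIST_TTL
    if risk <= 0.0:
        return WHITELIST_TTL
    return DEFAULT_TTL


def needs_reauth(policy, operation, last_auth_at, now):
    """True when the session has expired for this specific operation."""
    age = now - last_auth_at
    if age < 0:
        return True  # clock skew or a forged timestamp: re-authenticate
    return age >= auth_duration(policy, operation)
```

The same session can therefore be valid for one request and expired for the next, because expiry is evaluated against the duration of the operation being requested rather than a single session timeout.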
Specification