Graduated authentication in an identity management system
First Claim
Patent Images
1. A computer-implemented method for implementing variable transaction security levels, the method comprising:
- receiving, using one or more hardware processors, at a first computing system, from a second computing system, a request for information, wherein responding to the request requires two or more transactions and wherein;
at least a first of the two or more transactions is associated with a first transaction security level;
at least a second of the two or more transactions is associated with a second transaction security level different from the first transaction security level; and
each of the first transaction security level and the second transaction security level comprise at least one of;
a transaction authentication security level, a transaction channel security level, or a transaction time sensitivity security level; and
performing, using the one or more hardware processors, the first transaction at the first transaction security level and performing the second transaction at the second transaction security level, each performing accomplished by;
selecting, using the one or more hardware processors, a channel with a channel security level to perform the transaction, the channel selected based on a correspondence between the transaction channel security level for the transaction and the channel security level of the selected channel;
selecting, using the one or more hardware processors, an authentication mechanism with an authentication security level to perform the transaction, the authentication mechanism selected based on a correspondence between the transaction authentication security level for the transaction and the authentication security level;
orperforming, using the one or more hardware processors, at least part of the transaction within a specified time limit corresponding to the transaction time sensitivity security level for the transaction.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for graduated security in an identity management system utilize differing levels of time sensitivity, channel security and authentication security to provide a multi-dimensional approach to providing the right fit for differing identity requests. The differing levels of security can be selected by user preference, membersite request or homesite policy.
202 Citations
20 Claims
-
1. A computer-implemented method for implementing variable transaction security levels, the method comprising:
-
receiving, using one or more hardware processors, at a first computing system, from a second computing system, a request for information, wherein responding to the request requires two or more transactions and wherein; at least a first of the two or more transactions is associated with a first transaction security level; at least a second of the two or more transactions is associated with a second transaction security level different from the first transaction security level; and each of the first transaction security level and the second transaction security level comprise at least one of;
a transaction authentication security level, a transaction channel security level, or a transaction time sensitivity security level; andperforming, using the one or more hardware processors, the first transaction at the first transaction security level and performing the second transaction at the second transaction security level, each performing accomplished by; selecting, using the one or more hardware processors, a channel with a channel security level to perform the transaction, the channel selected based on a correspondence between the transaction channel security level for the transaction and the channel security level of the selected channel; selecting, using the one or more hardware processors, an authentication mechanism with an authentication security level to perform the transaction, the authentication mechanism selected based on a correspondence between the transaction authentication security level for the transaction and the authentication security level;
orperforming, using the one or more hardware processors, at least part of the transaction within a specified time limit corresponding to the transaction time sensitivity security level for the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium storing instructions that, when executed by a computing system, cause the computing system to perform operations for implementing variable transaction security levels, the operations comprising:
-
receiving, using one or more hardware processors, a request for information, wherein responding to the request requires a transaction; wherein the transaction is associated with a transaction security level; and wherein the transaction security level comprises at least one of;
a transaction authentication security level, a transaction channel security level, or a transaction time sensitivity security level; andperforming, using the one or more hardware processors, the transaction at the transaction security level by; selecting a channel with a channel security level to perform the transaction, the channel selected based on a correspondence between the transaction channel security level for the transaction and the channel security level of the selected channel; selecting an authentication mechanism with an authentication security level to perform the transaction, the authentication mechanism selected based on a correspondence between the transaction authentication security level for the transaction and the authentication security level;
orperforming at least part of the transaction within a specified time limit corresponding to the transaction time sensitivity security level for the transaction. - View Dependent Claims (15, 16, 17)
-
-
18. A system comprising:
-
a memory; one or more hardware processors; an interface configured to receive, using the one or more hardware processors, a request for information, wherein responding to the request requires a transaction; wherein the transaction is associated with a transaction security level; and wherein the transaction security level comprises at least one of;
a transaction authentication security level, a transaction channel security level, or a transaction time sensitivity security level; anda security module configured to perform, using the one or more hardware processors, the transaction at the transaction security level by; selecting, using the one or more hardware processors, a channel with a channel security level to perform the transaction, the channel selected based on a correspondence between the transaction channel security level for the transaction and the channel security level of the selected channel; selecting, using the one or more hardware processors, an authentication mechanism with an authentication security level to perform the transaction, the authentication mechanism selected based on a correspondence between the transaction authentication security level for the transaction and the authentication security level;
orperforming, using the one or more hardware processors, at least part of the transaction within a specified time limit corresponding to the transaction time sensitivity security level for the transaction. - View Dependent Claims (19, 20)
-
Specification