Devices and methods for threat-based authentication for access to computing resources
Abstract
In some embodiments, a method includes receiving, at a host device, a signal indicative of an authentication request for a client device to access a resource from a set of resources. A resource confidence value associated with the authentication request is calculated based at least in part on (1) a threat confidence vector associated with at least one risk mitigation score for each threat from a set of threats and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats. The resource confidence value is compared to a resource confidence criterion associated with the resource from the set of resources. A signal indicative of a positive authentication is sent from the host device to the client device when the resource confidence value satisfies the resource confidence criterion such that the client device is granted access to the resource.
22 Claims
1. An apparatus, comprising:
- a memory storing instructions and a processor operably coupled via a computer network to both (1) a compute device including a set of resources and (2) a client device, the processor configured to execute the instructions to:
- define a resource confidence criterion for each resource from the set of resources based on (1) a threat confidence vector associated with a set of risk mitigation scores for each threat from a set of threats and (2) a set of resource vulnerability scores for each threat from the set of threats;
- receive from the client device a signal indicative of an authentication request (1) for a resource from the set of resources and (2) including a credential associated with an authentication mode from a set of authentication modes;
- define a resource confidence value for the resource requested by the client device based on a threat confidence vector associated with the authentication mode and the set of resource vulnerability scores;
- compare the resource confidence value for the resource and the resource confidence criterion for the resource to determine whether the resource confidence criterion for the resource is satisfied; and
- send a signal indicative of a positive authentication when the resource confidence criterion for the resource is satisfied such that the client device is granted access to the resource.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method, comprising:
- receiving, at a host device operably coupled via a computer network to both (1) a set of resources and (2) a client device, a signal indicative of an authentication request for the client device to access a resource from the set of resources, the authentication request including a credential associated with an authentication mode from a set of authentication modes;
- calculating a resource confidence value associated with the authentication request based at least in part on (1) a threat confidence vector associated with at least one risk mitigation score for each threat from a set of threats and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats, the resource confidence value representing a degree of confidence associated with an ability of the authentication mode to mitigate each threat from the set of threats from affecting the resource;
- defining a resource confidence criterion for the resource based at least in part on (1) at least one risk mitigation score associated with each threat from the set of threats and (2) the set of resource vulnerability scores associated with each threat from the set of threats;
- comparing the resource confidence value to the resource confidence criterion to determine whether the resource confidence criterion is satisfied; and
- sending, from the host device, a signal indicative of a positive authentication when the resource confidence value satisfies the resource confidence criterion, such that the client device is granted access to the resource.

Dependent claims: 11, 12, 13, 14, 15, 16
17. A method, comprising:
- receiving, at a host device operably coupled via a computer network to a client device, a signal indicative of an authentication request for a client device to access a resource, the signal including data associated with a first authentication mode and data associated with a second authentication mode different from the first authentication mode;
- calculating a threat confidence vector based on (1) a risk mitigation score associated with the first authentication mode and a set of threats, and (2) a risk mitigation score associated with the second authentication mode and the set of threats;
- calculating a resource confidence value for the resource based on (1) the threat confidence vector and (2) a set of resource vulnerability scores associated with the resource and each threat from the set of threats, the resource confidence value for the resource representing a degree of confidence associated with an ability of both the first authentication mode and the second authentication mode to mitigate each threat from the set of threats affecting the resource;
- defining a resource confidence criterion for the resource based at least in part on (1) at least one risk mitigation score associated with each threat from the set of threats and (2) the set of resource vulnerability scores associated with each threat from the set of threats;
- comparing the resource confidence value to the resource confidence criterion to determine whether the resource confidence criterion is satisfied; and
- sending, from the host device to the client device, a signal indicative of a positive authentication when the resource confidence value satisfies the resource confidence criterion such that the client device is granted access to the resource.

Dependent claims: 18, 19, 20, 21, 22
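The flow in the abstract and in claims 1, 10 and 17, sketched as an added example that is not taken from the patent. The claims name the quantities but give no arithmetic, so the combination rules here are assumptions: independent modes combine as 1 minus the product of their miss rates, the confidence value is a vulnerability-weighted mean, and each criterion comes from a hypothetical baseline set of modes. All scores, threat names and resource names are constructed.

```python
from math import prod

# Constructed sample scores in [0, 1]; none of these numbers come from the patent.
# Risk mitigation score: how well an authentication mode mitigates a threat.
RISK_MITIGATION = {
    "password":       {"phishing": 0.2, "credential_stuffing": 0.3, "device_theft": 0.6},
    "sms_otp":        {"phishing": 0.4, "credential_stuffing": 0.8, "device_theft": 0.2},
    "hardware_token": {"phishing": 0.9, "credential_stuffing": 0.9, "device_theft": 0.4},
}
# Resource vulnerability score: how exposed a resource is to each threat.
VULNERABILITY = {
    "wiki":    {"phishing": 0.2, "credential_stuffing": 0.2, "device_theft": 0.1},
    "payroll": {"phishing": 0.9, "credential_stuffing": 0.8, "device_theft": 0.5},
}
# Assumption: each resource's criterion is derived from a baseline set of modes.
BASELINE_MODES = {"wiki": ["password"], "payroll": ["hardware_token"]}

def threat_confidence_vector(modes):
    """Per-threat confidence for the presented modes (assumed rule: modes fail
    independently, so confidence is 1 - product of each mode's miss rate)."""
    unique = sorted(set(modes))  # a mode presented twice must not count twice
    threats = next(iter(VULNERABILITY.values()))
    return {t: 1 - prod(1 - RISK_MITIGATION[m][t] for m in unique) for t in threats}

def resource_confidence_value(resource, modes):
    """Assumed rule: vulnerability-weighted mean of the threat confidence vector."""
    vuln = VULNERABILITY[resource]
    vector = threat_confidence_vector(modes)
    return sum(vuln[t] * vector[t] for t in vuln) / sum(vuln.values())

def resource_confidence_criterion(resource):
    """Criterion = confidence value the resource's baseline modes would achieve."""
    return resource_confidence_value(resource, BASELINE_MODES[resource])

def authenticate(resource, modes):
    """Positive authentication only when the value satisfies the criterion."""
    known = resource in VULNERABILITY and all(m in RISK_MITIGATION for m in modes)
    if not known or not modes:
        return False  # fail closed on unknown resources, unknown modes, or no credential
    return resource_confidence_value(resource, modes) >= resource_confidence_criterion(resource)

if __name__ == "__main__":
    for resource, modes in [("wiki", ["password"]), ("payroll", ["password"]),
                            ("payroll", ["password", "sms_otp"]),
                            ("payroll", ["password", "hardware_token"])]:
        value = resource_confidence_value(resource, modes)
        print(f"{resource:8} {'+'.join(modes):24} value={value:.3f} "
              f"criterion={resource_confidence_criterion(resource):.3f} "
              f"grant={authenticate(resource, modes)}")
```

With these constructed scores, a password plus an SMS code still falls short of the payroll criterion, because the vulnerability scores weight phishing most heavily and neither mode mitigates it well.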
Specification