Passive security enforcement

US10389712B2 · US · B2

Patent metadata
Publication number: US-10389712-B2
Application number: US-201715472962-A
Country: US
Kind code: B2
Filing date: Mar 29, 2017
Priority date: Jan 23, 2009
Publication date: Aug 20, 2019
Grant date: Aug 20, 2019

Abstract

Official abstract text for this publication.

Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels.

First claim

Opening claim text (preview).

We claim:

1. A method for passive authentication by a computing system, the method comprising: receiving, by the computing system, a first attribute; passively authenticating, by the computing system, a user at a first authentication level based on comparing the first attribute to one or more first previously stored attributes, the first attribute having a first weight; computing a confidence level associated with the first attribute and first weight; receiving, by the computing system, a request to complete a transaction; determining a confidence level to complete the transaction; receiving, by the computing system, a second attribute; passively updating, by the computing system, the first authentication level to a second authentication level different from the first authentication level based on comparing the second attribute to one or more second previously stored attributes, the second attribute having a second weight; modifying the confidence level based upon the second attribute and the second weight; determining the confidence level based upon the second attribute is sufficient to complete the transaction; and completing the transaction, wherein the first and second attributes each comprise an event indicative of the user or a physical characteristic of the user, and wherein each previously stored attribute comprises a previously stored event, a previously stored physical characteristic, or one or more previously determined acceptable values for one or more users.

2. The method of claim 1 wherein the attribute is moving the computing system to a location that is identifiable by the computing system.

3. The method of claim 2 wherein the receiving includes at least one of capturing an image of surroundings using a camera, receiving location information, identifying a name of a data communications network, and identifying a device in a data communications network.

4. The method of claim 1 further comprising: initially disabling passive authentication; and enabling passive authentication after storing the first attribute.

5. The method of claim 4 wherein when passive authentication is disabled, requiring the user to actively authenticate before completing a transaction requested by the user.

6. The method of claim 1 wherein the attribute is an indication of making a telephone call.

7. The method of claim 6 wherein the attribute is an indication of a telephone number to which the telephone call is made and the previously stored first attribute is a telephone number stored in a list of contacts.

8. The method of claim 1 wherein the attribute is an indication of a detected temperature.

9. The method of claim 1 wherein the attribute is an indication of a detected motion.

10. The method of claim 1 wherein the attribute is an indication of a detected pressure.

11. The method of claim 1 wherein the attribute is an indication of detecting co-presence of another device.

12. The method of claim 1 wherein the attribute is an indication of a detected recognizing a face.

Classifications

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

  • G06F21/316 (Primary): by observing the pattern of computer usage, e.g. typical user behaviour

  • applying multi-factor authentication

  • using biometric data, e.g. fingerprints, iris scans or voiceprints

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Microsoft Technology Licensing LLC
What technology area does this patent fall under?
Primary CPC classification G06F21/316. Mapped technology areas include Physics.
When was this patent published?
Publication date Aug 20, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).