Adaptive authentication
US-9654477-B1 · May 16, 2017 · US
Computing asset access control
US11301551B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11301551-B2 |
| Application number | US-202016801919-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 26, 2020 |
| Priority date | Jul 6, 2017 |
| Publication date | Apr 12, 2022 |
| Grant date | Apr 12, 2022 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Access to computing assets is controlled by dynamically selecting an authentication process for an access attempt to a computing asset. In an example embodiment, when an indication of an access attempt for a computing asset is received, a security level associated with the computing asset is determined. Based on the security level associated with the computing asset, an authentication process is selected from a plurality of authentication processes, and the selected authentication process is executed in relation to the access attempt for the computing asset. In further embodiments, the authentication process is further selected based on a comparison of an access characteristic associated with the access attempt for the computing asset and an access characteristic for a user associated with the access attempt.
First claim
Opening claim text (preview).
The invention claimed is: 1. A computer-implement method comprising: receiving an indication of an access attempt for a first computing asset using an identity of a first user of a plurality of users; determining a security level associated with the first computing asset, the security level being determined based on at least one access characteristic associated with the first user, wherein the at least one access characteristic is generated by a machine learning algorithm; selecting, based on the security level associated with the first computing asset, a first authentication process from a plurality of authentication processes; and executing the first authentication process in relation to the access attempt for the first computing asset. 2. The computer-implemented method of claim 1 , further comprising: receiving an indication of an access attempt for a second computing asset using the identity of the first user; determining a security level associated with the second computing asset, the security level associated with the second computing asset being higher than the security level associated with the first computing asset; selecting, based on the security level associated with the second computing asset, a second authentication process from the plurality of authentication processes; and executing the second authentication process in relation to the access attempt for the second computing asset. 3. The computer-implemented method of claim 2 , wherein the second authentication process requires additional information not required in the first authentication process. 4. The computer-implemented method of claim 1 , wherein the first authentication process is further selected based on a comparison of at least one access characteristic associated with the access attempt for the first computing asset and the at least one access characteristic for the first user. 5. The computer-implemented method of claim 4 , wherein the at least one access characteristic for the first user is determined from access data indicating an access history of the first user to one or more computing assets. 6. The computer-implemented method of claim 5 , wherein the at least one access characteristic for the first user is determined by: analyzing, by the machine learning algorithm, the access data to generate a set of access characteristics for the first user that includes the at least one access characteristic for the first user. 7. The computer-implemented method of claim 4 , wherein the first authentication process is selected based on the at least one characteristic associated with the current access attempt for the first computing asset being anomalous to the at least one access characteristic for the first user. 8. The computer-implemented method of claim 1 , wherein the first authentication process is further selected based on a requested privilege level associated with the access attempt for the first computing asset. 9. One or more computer-readable media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving an indication of an access attempt for a first computing asset using an identity of a first user of a plurality of users; determining a security level associated with the first computing asset, the security level being determined based on at least one access characteristic associated with the first user, wherein the at least one access characteristic is generated by a machine learning algorithm; selecting, based on the security level associated with the first computing asset, a first authentication process from a plurality of authentication processes; and executing the first authentication process in relation to the access attempt for the first computing asset. 10. The one or more computer-readable media of claim 9 , further comprising: receiving an indication of an access attempt for a second computing asset using the identity of the first user; determining a security level associated with the second computing asset, the security level associated with the second computing asset being higher than the security level associated with the first computing asset; selecting, based on the security level associated with the second computing asset, a second authentication process from the plurality of authentication processes; and executing the second authentication process in relation to the access attempt for the second computing asset. 11. The one or more computer-readable media of claim 10 , wherein the second authentication process requires additional information not required in the first authentication process. 12. The one or more computer-readable media of claim 9 , wherein the first authentication process is further selected based on a comparison of at least one access characteristic associated with the access attempt for the first computing asset and the at least one access characteristic for the first user. 13. The one or more computer-readable media of claim 12 , wherein the at least one access characteristic for the first user is determined from access data indicating an access history of the first user to one or more computing assets. 14. The one or more computer-readable media of claim 13 , wherein the at least one access characteristic for the first user is determined by: analyzing, by the machine learning algorithm, the access data to generate a set of access characteristics for the first user that includes the at least one access characteristic for the first user. 15. The one or more computer-readable media of claim 12 , wherein the first authentication process is selected based on the at least one characteristic associated with the current access attempt for the first computing asset being anomalous to the at least one access characteristic for the first user. 16. The one or more computer-readable media of claim of claim 9 , wherein the first authentication process is further selected based on a requested privilege level associated with the access attempt for the first computing asset. 17. A system comprising: one or more processors; and one or more computer-readable media storing computer-useable instructions that, when used by the one or more processors, cause the one or more processors to perform operations comprising: receiving an indication of an access attempt for a first computing asset using an identity of a first user of a plurality of users; determining a security level associated with the first computing asset, the security level being determined based on at least one access characteristic associated with the first user, wherein the at least one access characteristic is generated by a machine learning algorithm; selecting, based on the security level associated with the first computing asset, a first authentication process from a plurality of authentication processes; and executing the first authentication process in relation to the access attempt for the first computing asset. 18. The system of claim 17 , further comprising: receiving an indication of an access attempt for a second computing asset using the identity of the first user; determining a security level associated with the second computing asset, the security level associated with the second computing asset being higher than the security level associated with the first computing asset; selecting, based on the security level associated with the second computing asset, a second authentication process from the plurality of authentication processes; and
Assignees
Inventors
Classifications
Supervised learning · CPC title
Feedforward networks · CPC title
Knowledge engineering; Knowledge acquisition · CPC title
- G06F21/316Primary
by observing the pattern of computer usage, e.g. typical user behaviour · CPC title
involving long-term monitoring or reporting · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11301551B2 cover?
- Access to computing assets is controlled by dynamically selecting an authentication process for an access attempt to a computing asset. In an example embodiment, when an indication of an access attempt for a computing asset is received, a security level associated with the computing asset is determined. Based on the security level associated with the computing asset, an authentication process i…
- Who is the assignee on this patent?
- Ebay Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/316. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 12 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).