Suppression of authorization risk feedback to mitigate risk factor manipulation in an authorization system

US9781095B2 · US · B2

Patent metadata
Publication number: US-9781095-B2
Application number: US-201514974170-A
Country: US
Kind code: B2
Filing date: Dec 18, 2015
Priority date: Dec 18, 2015
Publication date: Oct 3, 2017
Grant date: Oct 3, 2017

Abstract

Official abstract text for this publication.

Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.
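The behaviour the abstract describes, sketched as an added example that is not code from the patent or its assignee. The probing signal is the one the first claim on this page names (repeated initiation of a transaction without proceeding past the authentication prompt); the class name, window, threshold, factor names and challenge string are assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 600   # assumed look-back window; the page gives no number
MAX_ABANDONED = 3      # assumed threshold for "repeated" initiations

class RiskFeedbackGate:
    """Hypothetical gate deciding whether risk factors accompany a challenge."""

    def __init__(self, window=WINDOW_SECONDS, max_abandoned=MAX_ABANDONED):
        self.window, self.max_abandoned = window, max_abandoned
        self._pending = {}                    # device -> time prompt was shown
        self._abandoned = defaultdict(deque)  # device -> times of abandoned prompts

    def initiate(self, device_id, now):
        # A prompt still pending from an earlier initiation was never passed:
        # record it as one abandoned attempt before opening the new one.
        if device_id in self._pending:
            self._abandoned[device_id].append(self._pending[device_id])
        self._pending[device_id] = now

    def completed(self, device_id):
        # The user proceeded past the authentication prompt.
        self._pending.pop(device_id, None)

    def is_probing(self, device_id, now):
        q = self._abandoned[device_id]
        while q and now - q[0] > self.window:   # drop entries outside the window
            q.popleft()
        return len(q) >= self.max_abandoned

    def challenge(self, device_id, risk_factors, now):
        """Initiate a transaction and build the response sent to the UI."""
        self.initiate(device_id, now)
        probing = self.is_probing(device_id, now)
        return {"challenge": "additional_identification",
                "risk_factors": [] if probing else list(risk_factors),
                "suppressed": probing}

def run_constructed_trace():
    """Constructed sample: one device retries with changed context, never completing."""
    gate = RiskFeedbackGate()
    contexts = [(0, ["new_location", "unknown_network"]), (60, ["unknown_network"]),
                (120, ["new_location"]), (180, ["new_location", "unknown_network"])]
    return [gate.challenge("dev-A", factors, t) for t, factors in contexts]

if __name__ == "__main__":
    for response in run_constructed_trace():
        print(response)
```

The challenge is issued in both branches; only the explanation of why it was triggered is withheld once the abandoned-prompt count reaches the threshold.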

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method of dynamic risk communication associated with a computer device, the method performed by one or more hardware processors, comprising: automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device, the security risk factors used for authenticating a user, wherein for selected security risk factors the computer device requires additional information before authenticating the user; determining whether an attempt is being made via the computer device to discover the one or more security risk factors to manipulate the computer device from using the selected security risk factors and from requiring the additional information in an attempt to reduce a security level of a computer-implemented authentication procedure, the determining of the attempt to discover the one or more security risk factors performed by detecting at least a repeated initiating of a transaction without proceeding past an authentication prompt; responsive to determining that the attempt is being made to manipulate the one or more security risk factors, communicating a new challenge for additional identification for presenting on a user interface device of the computer device and suppressing the one or more security risk factors from being presented on the user interface device.

2. The method of claim 1, wherein the one or more security risk factors are analyzed at a security risk determination engine to generate a security risk level based on the current context information and historical patterns associated with one or more users and the computer device.

3. The method of claim 2, wherein feedback from a user associated with the computer device is received, the feedback regarding the one or more security risk factors that are automatically detected, and the security risk level is recomputed based on the feedback.

4. The method of claim 1, further comprising communicating the one or more security risk factors by displaying risk indicators by at least one of text, visual (icons) and audio display.

5. The method of claim 1, further comprising generating one or more options that reduce the one or more security risk factors, the one or more options for presenting on the user interface device.

6. The method of claim 1, further comprising automatically mitigating a security risk for a user associated with one or more users and the computer device, wherein the automatically mitigating a security risk comprises at least one of altering or substituting a user authentication interaction technique.

7. The method of claim 1, further comprising: responsive to determining that no attempt is being made to manipulate the one or more security risk factors, communicating the new challenge for additional identification and the one or more security risk factors for presentation on the user interface device.

8. The method of claim 1, wherein the automatically detecting of the one or more security risk factors comprises comparing the current context information associated with the computer device with historical patterns of user behavior associated with one or more users and the computer device.

9. A non-transitory computer readable storage medium storing a program of instructions executable by a machine to perform a method of dynamic risk communication associated with a computer device, the method comprising: automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device, the security risk factors used for authenticating a user, wherein for selected security risk factors the computer device requires additional information before authenticating the user; determining whether an attempt is being made via the computer device to discover the one or more security risk factors to manipulate the computer device from using the selected security risk factors and from requiring the additional information in an attempt to reduce a security level of a computer-implemented authentication procedure, the determining of the attempt to discover the one or more security risk factors performed by detecting at least a repeated initiating of a transaction without proceeding past an authentication prompt; responsive to determining that the attempt is being made to manipulate the one or more security risk factors, communicating a new challenge for additional identification for presenting on a user interface device of the computer device and suppressing the one or more security risk factors from being presented on the user interface device.

10. The non-transitory computer readable storage medium of claim 9, wherein the one or more security risk factors are analyzed at a security risk determination engine to generate a security risk level based on the current context information and historical patterns associated with one or more users and the computer device.

11. The non-transitory computer readable storage medium of claim 10, wherein feedback from a user associated with the computer device is received, the feedback regarding the one or more security risk factors that are automatically detected, and the security risk level is recomputed based on the feedback.

12. The non-transitory computer readable storage medium of claim 9, further comprising communicating the one or more security risk factors by displaying risk indicators by at least one of text, visual (icons) and audio display.

13. The non-transitory computer readable storage medium of claim 9, further comprising generating one or more options that reduce the one or more security risk factors, the one or more options for presenting on the user interface device.

14. The non-transitory computer readable storage medium of claim 9, further comprising automatically mitigating a security risk for a user associated with one or more users and the computer device, wherein the automatically mitigating a security risk comprises at least one of altering or substituting a user authentication interaction technique.

15. The non-transitory computer readable storage medium of claim 9, wherein the method further comprises, responsive to determining that no attempt is being made to manipulate the one or more security risk factors, communicating the new challenge for additional identification and the one or more security risk factors for presentation on the user interface device.

16. The non-transitory computer readable storage medium of claim 9, wherein the automatically detecting of the one or more security risk factors comprises comparing the current context information associated with the computer device with historical patterns of user behavior associated with one or more users and the computer device.

17. A system for dynamic risk communication associated with a computer device, comprising: one or more computer processors coupled to a memory, one or more of computer processors operable to automatically detect one or more security risk factors for the computer device based on current context information associated with the computer device, the security risk factors used for authenticating a user, wherein for selected security risk factors the computer device requires additional information before authenticating the user, one or more of computer processors further operable to determine whether an attempt is being made via the computer device to discover the one or more security risk factors to manipulate the computer device from using the selected security risk factors and from req

Classifications

  • for controlling access to devices or network resources · CPC title

  • Assessing vulnerabilities and evaluating computer system security · CPC title

  • User authentication · CPC title

  • H04L63/08 · Primary

    for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • Access security · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 3, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).