ABSTRACT:
An adaptive multi-tier authentication system provides secondary tiers of authentication which are used only when the user attempts a connection from a new environment. The invention accepts user input such as login attempts and responses to the system's questions. User login information such as IP address, originating phone number, or cookies on the user's machine are obtained for evaluation. User/usage profiles are kept for each user and the user login information is compared to the information from the user/usage profile for the specific user which contains all of the user information that the user used to establish the account and also the usage profile detailing the user's access patterns. The trust level of the current user login location is calculated and the invention determines if any additional questions to the user are required. If the trust level is high, then the user is granted access to the system. If the trust level is not high enough, then questions are sent to the user and the user's answers are evaluated and access is granted or denied based on the trust level and answers. The user's profile is updated to reflect the access attempt.
REFERENCES:
patent: 5214702 (1993-05-01), Fischer
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5721780 (1998-02-01), Ensor et al.
patent: 5751812 (1998-05-01), Anderson
patent: 5751814 (1998-05-01), Kafri
patent: 5825880 (1998-10-01), Sudia et al.
patent: 5850443 (1998-12-01), Van Oorschot et al.
patent: 5875296 (1999-02-01), Shi et al.
patent: 5892900 (1999-04-01), Ginter et al.
patent: 5987134 (1999-11-01), Shin et al.
patent: 6070243 (2000-05-01), See et al.
patent: 6141759 (2000-10-01), Braddy
patent: 6199113 (2001-03-01), Alegre et al.
patent: 6205479 (2001-03-01), Dulai et al.
patent: 6308274 (2001-10-01), Swift
patent: 6327652 (2001-12-01), England et al.
patent: 6334121 (2001-12-01), Primeaux et al.
patent: 6343280 (2002-01-01), Clark
patent: 6349338 (2002-02-01), Seamons et al.
patent: 6351817 (2002-02-01), Flyntz
patent: 6421768 (2002-07-01), Purpura
patent: 6425089 (2002-07-01), Tsai
patent: 6640238 (2003-10-01), Bowman-Amuah
patent: 6658091 (2003-12-01), Naidoo et al.
patent: 6668322 (2003-12-01), Wood et al.
patent: 6691232 (2004-02-01), Wood et al.
patent: 6734886 (2004-05-01), Hagan et al.
patent: 6985953 (2006-01-01), Sandhu et al.
patent: 6988208 (2006-01-01), Hrabik et al.
patent: 7174454 (2007-02-01), Roskind
patent: 2001/0034847 (2001-10-01), Gaul, Jr.
patent: 2001/0056405 (2001-12-01), Muyres
patent: 2002/0042884 (2002-04-01), Wu
patent: 2003/0041141 (2003-02-01), Abdelaziz
patent: 2004/0024851 (2004-02-01), Naidoo
patent: 2004/0041910 (2004-03-01), Naidoo
patent: 2004/0064568 (2004-04-01), Arora
patent: 2004/0064693 (2004-04-01), Pabla
patent: 2004/0086088 (2004-05-01), Naidoo
patent: 2004/0086089 (2004-05-01), Naidoo
patent: 2004/0086090 (2004-05-01), Naidoo
patent: 2004/0086091 (2004-05-01), Naidoo
patent: 2004/0088347 (2004-05-01), Yeager
patent: 2004/0088369 (2004-05-01), Yeager
patent: 2004/0093268 (2004-05-01), Ramchandani
patent: 2004/0199770 (2004-10-01), Roskind
patent: 2005/0132060 (2005-06-01), Mo
patent: 2005/0187934 (2005-08-01), Motsinger
patent: 2005/0188079 (2005-08-01), Motsinger
patent: 2005/0188080 (2005-08-01), Motsinger
patent: 2005/0188222 (2005-08-01), Motsinger
patent: 2005/0188423 (2005-08-01), Motsinger
patent: 2005/0198099 (2005-09-01), Motsinger
patent: 2005/0203773 (2005-09-01), Soto
patent: 1197828 (2002-04-01), None
patent: WO 98/51029 (1998-11-01), None
patent: WO 99/64967 (1999-12-01), None
patent: WO 99/65207 (1999-12-01), None
patent: WO 00/07087 (2000-02-01), None
patent: WO 01/38999 (2001-05-01), None
patent: WO 01/73553 (2001-10-01), None
patent: WO 01/90859 (2001-11-01), None
patent: WO 02/32047 (2002-04-01), None
patent: WO 2004/044688 (2004-05-01), None
patent: WO 2004/114082 (2004-12-01), None
patent: WO 2005/060138 (2005-06-01), None
patent: WO 2005/069823 (2005-08-01), None
Lunt, et al.; “Knowledge-Based Intrusion Detection”; Mar. 27-31, 1989; Al Systems in Government Conference, Proceedings of the Annual Washington DCpp. 102/107.
Crosbie, et al.; “Active Defense of a Computer System using Autonomous Agents”; Feb. 15, 1995; Dept. of Computer Sciences, Purdue Univ., Technical Report No. 95-008.
Sequeira, et al.; “ADMIT: Anomaly-Based Data Mining for Intrusions”;copyright 2002; Computer Science Dept., Rensselaer Polytechnic Institute.
Lane, et al.; “An Application of Machine Learning to Anomaly Detection”; Feb. 14, 1997; School of Electrical and Computer Engineering, Purdue Univ.
Abad, et al.: “Log Correlation for Intrusion Detection: Proof of Concept”; Dec. 2003; In Proc. Of the 19th Annual Computer Security Applications Conf. ACSAC 2003.
Endler, D.; “Intrusion Detection Applying Machine Learning to Solaris Audit Data”; Dec. 1998; Computer Security Applications Conf., Phoenix, AZ.
Gonzalez, L.; “Current Approaches to Detecting Intrusions”; 2002; Nova Southeastern Univ., Graduate School of Computer and Information Sciences.
Lane, et al.; “Detecting the Abnormal:Machine Learning in Computer Security”; Jan. 31, 1997; School of Electrical and Computer Engineering, Purdue Univ.
Smith, Sidney L.; “Authenticating Users by Word Association”; Dec. 1987; Computers & Security, vol. 6, No. 6 pp. 464-470.
Furui, Sadaoki; “Cepstral Analysis Technique for Automatic Speaker Verification”; Apr. 1981; IEEE Transactions on Acoustics, Speech and Signal Processing, vol. ASSP-29, No. 2, pp. 254-272.
Schalk, Thomas B.; “Speaker Verification Over the Telephone Network”; Feb./Mar. 1991; Speech Technology, pp. 32-35.
Willoughby, M.K.;Automated User Authentication: The Final Frontier of Information Security; 2001, retrieved on Jul. 22, 2009 from website: http://www.isaca.org/PrinterTemplate. . . ;Information Systems Control Journal, vol. 2.
Traffic Considerations for Security Services in VoIP Systems; W. Wimmreuter; Sixth Int'l Conf. on Intelligence in Networks: Telecommunication Network Intelligence; Sep. 2000.
Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers; A. Herzberg; Y. Mass; J. Mihaeli; D. Naor; Y. Ravid; Proceeding 2000 IEEE Symposium on Security and Privacy; May 2000.
Merging and Extending the PGP and PEM Trust Models-The ICE-TEL Trust Model; D.W. Chadwick; A.J. Young; N.K. Cicovic; IEEE Network; May-Jun. 1997.
BT Trustwise: Enabling eCommerce Through Trust: Electronic Commerce; B.A. Cross; BT Technology Journal, vol. 17, No. 3, Jul. 1999.
Building B2B Trust—Users are Turning to New Services to Make Sure They're Dealing with Trustworthy Businesses for Online Transactions: Bob Violino; Computerworld; Jun. 17, 2002.
Keys to the Privacy-Enabled Enterprise—Building Trust Across Computing Environments Requires a Combination of Firewalls, VPN's, SSL, PKI, Digital Certificates; James R. Borck; InforWorld; Sep. 11, 2000.
Multivendor PKI the Key to Smooth e-Business Communications—Certificate Authorities That Share User Information Speed Transactions and Increase Corporate Security; Mandy Andress; InfoWorld; May 29, 2000.
Sentry Builds Trust for e-Business—Public Key Infrastructure Product Greatly Reduces the Complexity and Cost of Ensuring Your Online Transactions; Mandy Andress; InfoWorld; May 29, 2000.
Pioneers . . . or Guinea Pigs?—Three Early Adopters Discuss the Pros and Cons of PKI Deployment; Information Security; Jun. 1, 1999.
Certifying Authorities Must Build Trust; Jamie Lewis; PC Week; Jun. 29, 1998.
The E-Signature Act Makes Online Transactions Legally Binding; Sean Dorerty; Network Computing; Dec. 10, 2001.
Going the Distance—As The Remote Workforce Grows, Network Access Must Be Made Safe and Sound; George V. Hulme; Information Week; Nov. 26, 2001.
Locking Down Web Services; If Web Services are the Future of Distributed Computing, You Need to Meet Their Considerable Security Challenges Head-On�