CN103516718A - 身份风险分数生成和实现 - Google Patents
身份风险分数生成和实现 Download PDFInfo
- Publication number
- CN103516718A CN103516718A CN201310262770.9A CN201310262770A CN103516718A CN 103516718 A CN103516718 A CN 103516718A CN 201310262770 A CN201310262770 A CN 201310262770A CN 103516718 A CN103516718 A CN 103516718A
- Authority
- CN
- China
- Prior art keywords
- user
- risk score
- identity
- action
- cloud service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Health & Medical Sciences (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims (10)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/539,267 US9639678B2 (en) | 2012-06-29 | 2012-06-29 | Identity risk score generation and implementation |
US13/539,267 | 2012-06-29 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103516718A true CN103516718A (zh) | 2014-01-15 |
CN103516718B CN103516718B (zh) | 2019-01-08 |
Family
ID=48747784
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310262770.9A Active CN103516718B (zh) | 2012-06-29 | 2013-06-27 | 身份风险分数生成和实现 |
Country Status (3)
Country | Link |
---|---|
US (2) | US9639678B2 (zh) |
CN (1) | CN103516718B (zh) |
WO (1) | WO2014004412A1 (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106529288A (zh) * | 2016-11-16 | 2017-03-22 | 智者四海(北京)技术有限公司 | 一种帐号风险识别方法及装置 |
CN107005558A (zh) * | 2014-12-03 | 2017-08-01 | 微软技术许可有限责任公司 | 基于位置的用户歧义消除 |
CN107005582A (zh) * | 2014-10-03 | 2017-08-01 | 亚马逊技术有限公司 | 使用存储在不同目录中的凭证来访问公共端点 |
CN108353079A (zh) * | 2015-10-26 | 2018-07-31 | 微软技术许可有限责任公司 | 对针对基于云的应用的网络威胁的检测 |
CN108763881A (zh) * | 2018-05-18 | 2018-11-06 | 上海掌门科技有限公司 | 用于控制用户权限的方法和设备 |
CN108989278A (zh) * | 2017-05-30 | 2018-12-11 | 三星Sds株式会社 | 认证服务系统及方法 |
CN111159668A (zh) * | 2018-11-07 | 2020-05-15 | 西兰克公司 | 通过人机交互来验证用户身份 |
CN111542833A (zh) * | 2018-01-26 | 2020-08-14 | 居米奥公司 | 用于文档认证的分类筛选引擎 |
Families Citing this family (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8949939B2 (en) * | 2010-10-13 | 2015-02-03 | Salesforce.Com, Inc. | Methods and systems for provisioning access to customer organization data in a multi-tenant system |
US10043213B2 (en) * | 2012-07-03 | 2018-08-07 | Lexisnexis Risk Solutions Fl Inc. | Systems and methods for improving computation efficiency in the detection of fraud indicators for loans with multiple applicants |
US9407619B2 (en) | 2013-03-17 | 2016-08-02 | NXT-ID, Inc. | Un-password™: risk aware end-to-end multi-factor authentication via dynamic pairing |
EP2933981B1 (en) * | 2014-04-17 | 2018-08-01 | Comptel OY | Method and system of user authentication |
WO2016004420A1 (en) * | 2014-07-03 | 2016-01-07 | Scayl, Inc. | System and methods for validating and managing user identities |
US9118714B1 (en) * | 2014-07-23 | 2015-08-25 | Lookingglass Cyber Solutions, Inc. | Apparatuses, methods and systems for a cyber threat visualization and editing user interface |
US20160078444A1 (en) * | 2014-09-16 | 2016-03-17 | Mastercard International Incorporated | Systems and methods for providing fraud indicator data within an authentication protocol |
US20160140355A1 (en) * | 2014-11-19 | 2016-05-19 | Salesforce.Com, Inc. | User trust scores based on registration features |
CN106656917B (zh) * | 2015-10-30 | 2020-09-04 | 阿里巴巴集团控股有限公司 | 一种账户权限的管理方法及设备 |
US10084809B1 (en) | 2016-05-06 | 2018-09-25 | Wells Fargo Bank, N.A. | Enterprise security measures |
US10467632B1 (en) * | 2016-12-13 | 2019-11-05 | Massachusetts Mutual Life Insurance Company | Systems and methods for a multi-tiered fraud alert review |
EP3556078B1 (en) * | 2016-12-13 | 2021-10-13 | FIMER S.p.A. | A multi-client/multi-server managing method and system with a routine of rejection of already connected clients for balancing the system |
US20200036777A1 (en) * | 2016-12-13 | 2020-01-30 | Abb Schweiz Ag | A multi-client/multi-server managing method and system |
US10498541B2 (en) | 2017-02-06 | 2019-12-03 | ShocCard, Inc. | Electronic identification verification methods and systems |
USRE49968E1 (en) | 2017-02-06 | 2024-05-14 | Ping Identity Corporation | Electronic identification verification methods and systems with storage of certification records to a side chain |
US10511576B2 (en) | 2017-06-08 | 2019-12-17 | Microsoft Technology Licensing, Llc | Privacy as a service by offloading user identification and network protection to a third party |
US10685107B2 (en) * | 2017-10-24 | 2020-06-16 | International Business Machines Corporation | Detection of malicious intent in privileged identity environments |
EP3721578B1 (en) | 2017-12-08 | 2022-09-07 | Ping Identity Corporation | Methods and systems for recovering data using dynamic passwords |
US11106767B2 (en) | 2017-12-11 | 2021-08-31 | Celo Foundation | Decentralized name verification using recursive attestation |
JP6564841B2 (ja) * | 2017-12-23 | 2019-08-21 | 株式会社カウリス | 照合サーバ、照合方法及びコンピュータプログラム |
US11017100B2 (en) * | 2018-08-03 | 2021-05-25 | Verizon Patent And Licensing Inc. | Identity fraud risk engine platform |
US11082221B2 (en) * | 2018-10-17 | 2021-08-03 | Ping Identity Corporation | Methods and systems for creating and recovering accounts using dynamic passwords |
US11086991B2 (en) | 2019-08-07 | 2021-08-10 | Advanced New Technologies Co., Ltd. | Method and system for active risk control based on intelligent interaction |
CN110598982B (zh) * | 2019-08-07 | 2022-02-22 | 创新先进技术有限公司 | 基于智能交互的主动风控方法和系统 |
US12002102B2 (en) * | 2020-03-24 | 2024-06-04 | Visa International Service Association | System, method, and computer program product for patient authentication and identity risk assessment |
CN111489175B (zh) * | 2020-04-08 | 2022-06-03 | 支付宝(杭州)信息技术有限公司 | 在线身份认证方法、装置、系统及存储介质 |
US11388179B2 (en) | 2020-05-06 | 2022-07-12 | Wells Fargo Bank, N.A. | Centralized threat intelligence |
US11947659B2 (en) | 2020-05-28 | 2024-04-02 | Red Hat, Inc. | Data distribution across multiple devices using a trusted execution environment in a mobile device |
US11971980B2 (en) * | 2020-05-28 | 2024-04-30 | Red Hat, Inc. | Using trusted execution environments to perform a communal operation for mutually-untrusted devices |
US11848924B2 (en) * | 2020-10-12 | 2023-12-19 | Red Hat, Inc. | Multi-factor system-to-system authentication using secure execution environments |
US11783062B2 (en) * | 2021-02-16 | 2023-10-10 | Microsoft Technology Licensing, Llc | Risk-based access to computing environment secrets |
IT202100019634A1 (it) * | 2021-07-23 | 2023-01-23 | Cleafy Spa | Metodo per confermare l’identità di un utente in una sessione di navigazione di un servizio online |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1050993A2 (en) * | 1999-05-05 | 2000-11-08 | Sun Microsystems Inc. | Cryptographic authorization with prioritized and weighted authentication |
US20070208934A1 (en) * | 2005-08-25 | 2007-09-06 | Guy Heffez | Method and system for authenticating internet user identity |
US20070239604A1 (en) * | 2006-04-10 | 2007-10-11 | O'connell Brian M | User-browser interaction-based fraud detection system |
CN101106458A (zh) * | 2007-08-17 | 2008-01-16 | 华中科技大学 | 一种基于风险的分布式访问控制方法 |
CN101656607A (zh) * | 2008-08-18 | 2010-02-24 | 华为技术有限公司 | 一种确定断言发送者的方法、系统和装置 |
US20100211996A1 (en) * | 2008-12-26 | 2010-08-19 | Mcgeehan Ryan | Preventing phishing attacks based on reputation of user locations |
CN102510337A (zh) * | 2011-12-15 | 2012-06-20 | 复旦大学 | 一种量化风险和收益自适应的动态多因子认证方法 |
Family Cites Families (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0954699A (ja) * | 1995-08-11 | 1997-02-25 | Fujitsu Ltd | 計算機のプロセススケジューラ |
WO2002091146A2 (en) * | 2001-05-09 | 2002-11-14 | Ecd Systems, Inc. | Systems and methods for the prevention of unauthorized use and manipulation of digital content |
US20050240756A1 (en) * | 2003-01-12 | 2005-10-27 | Yaron Mayer | System and method for improving the efficiency, comfort, and/or reliability in Operating Systems, such as for example Windows. |
WO2004081756A2 (en) * | 2003-03-12 | 2004-09-23 | Nationwide Mutual Insurance Co | Trust governance framework |
US7594121B2 (en) * | 2004-01-22 | 2009-09-22 | Sony Corporation | Methods and apparatus for determining an identity of a user |
US7490356B2 (en) * | 2004-07-20 | 2009-02-10 | Reflectent Software, Inc. | End user risk management |
US7908645B2 (en) | 2005-04-29 | 2011-03-15 | Oracle International Corporation | System and method for fraud monitoring, detection, and tiered user authentication |
US7849029B2 (en) | 2005-06-02 | 2010-12-07 | Fair Isaac Corporation | Comprehensive identity protection system |
US7565358B2 (en) * | 2005-08-08 | 2009-07-21 | Google Inc. | Agent rank |
US20080103800A1 (en) | 2006-10-25 | 2008-05-01 | Domenikos Steven D | Identity Protection |
US7779156B2 (en) * | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US20090006230A1 (en) | 2007-06-27 | 2009-01-01 | Checkfree Corporation | Identity Risk Scoring |
US8880435B1 (en) * | 2007-10-26 | 2014-11-04 | Bank Of America Corporation | Detection and tracking of unauthorized computer access attempts |
US20090177529A1 (en) * | 2007-12-31 | 2009-07-09 | Altaf Hadi | Internet eco system for transacting information and transactional data for compensation |
US8359632B2 (en) * | 2008-05-30 | 2013-01-22 | Microsoft Corporation | Centralized account reputation |
US20100125911A1 (en) * | 2008-11-17 | 2010-05-20 | Prakash Bhaskaran | Risk Scoring Based On Endpoint User Activities |
US8255698B2 (en) | 2008-12-23 | 2012-08-28 | Motorola Mobility Llc | Context aware biometric authentication |
US8776168B1 (en) * | 2009-10-29 | 2014-07-08 | Symantec Corporation | Applying security policy based on behaviorally-derived user risk profiles |
US20110131131A1 (en) | 2009-12-01 | 2011-06-02 | Bank Of America Corporation | Risk pattern determination and associated risk pattern alerts |
US8924569B2 (en) * | 2009-12-17 | 2014-12-30 | Intel Corporation | Cloud federation as a service |
US10282702B2 (en) * | 2010-01-04 | 2019-05-07 | Bank Of America Corporation | Dynamic employee security risk scoring |
US8600855B2 (en) | 2010-01-26 | 2013-12-03 | Visa International Service Association | Transaction data repository for risk analysis |
US8868728B2 (en) * | 2010-03-11 | 2014-10-21 | Accenture Global Services Limited | Systems and methods for detecting and investigating insider fraud |
US8627123B2 (en) * | 2010-03-25 | 2014-01-07 | Microsoft Corporation | Managing power provisioning in distributed computing |
US8452980B1 (en) * | 2010-03-29 | 2013-05-28 | Emc Corporation | Defeating real-time trojan login attack with delayed interaction with fraudster |
US9619652B2 (en) * | 2010-03-31 | 2017-04-11 | Salesforce.Com, Inc. | System, method and computer program product for determining a risk score for an entity |
US8375427B2 (en) * | 2010-04-21 | 2013-02-12 | International Business Machines Corporation | Holistic risk-based identity establishment for eligibility determinations in context of an application |
US20110314558A1 (en) | 2010-06-16 | 2011-12-22 | Fujitsu Limited | Method and apparatus for context-aware authentication |
US8719911B2 (en) * | 2010-12-15 | 2014-05-06 | At&T Intellectual Property I, L.P. | Methods, systems, and computer program products for authenticating an identity of a user by generating a confidence indicator of the identity of the user based on a combination of multiple authentication techniques |
US20120296692A1 (en) * | 2011-05-19 | 2012-11-22 | O'malley John Edward | System and method for managing a fraud exchange |
US8832808B2 (en) * | 2011-08-11 | 2014-09-09 | Nanjie Liu | Cyber gene identification technology based on entity features in cyber space |
US9251327B2 (en) * | 2011-09-01 | 2016-02-02 | Verizon Patent And Licensing Inc. | Method and system for providing behavioral bi-directional authentication |
US9256715B2 (en) * | 2012-03-09 | 2016-02-09 | Dell Products L.P. | Authentication using physical interaction characteristics |
US10176335B2 (en) * | 2012-03-20 | 2019-01-08 | Microsoft Technology Licensing, Llc | Identity services for organizations transparently hosted in the cloud |
-
2012
- 2012-06-29 US US13/539,267 patent/US9639678B2/en active Active
-
2013
- 2013-06-25 WO PCT/US2013/047446 patent/WO2014004412A1/en active Application Filing
- 2013-06-27 CN CN201310262770.9A patent/CN103516718B/zh active Active
-
2017
- 2017-04-06 US US15/481,097 patent/US10055561B2/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1050993A2 (en) * | 1999-05-05 | 2000-11-08 | Sun Microsystems Inc. | Cryptographic authorization with prioritized and weighted authentication |
US20070208934A1 (en) * | 2005-08-25 | 2007-09-06 | Guy Heffez | Method and system for authenticating internet user identity |
US20070239604A1 (en) * | 2006-04-10 | 2007-10-11 | O'connell Brian M | User-browser interaction-based fraud detection system |
CN101106458A (zh) * | 2007-08-17 | 2008-01-16 | 华中科技大学 | 一种基于风险的分布式访问控制方法 |
CN101656607A (zh) * | 2008-08-18 | 2010-02-24 | 华为技术有限公司 | 一种确定断言发送者的方法、系统和装置 |
US20100211996A1 (en) * | 2008-12-26 | 2010-08-19 | Mcgeehan Ryan | Preventing phishing attacks based on reputation of user locations |
CN102510337A (zh) * | 2011-12-15 | 2012-06-20 | 复旦大学 | 一种量化风险和收益自适应的动态多因子认证方法 |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107005582A (zh) * | 2014-10-03 | 2017-08-01 | 亚马逊技术有限公司 | 使用存储在不同目录中的凭证来访问公共端点 |
US11695744B2 (en) | 2014-10-03 | 2023-07-04 | Amazon Technologies, Inc. | Using credentials stored in different directories to access a common endpoint |
CN107005558A (zh) * | 2014-12-03 | 2017-08-01 | 微软技术许可有限责任公司 | 基于位置的用户歧义消除 |
CN107005558B (zh) * | 2014-12-03 | 2020-05-01 | 微软技术许可有限责任公司 | 基于位置的用户歧义消除 |
CN108353079A (zh) * | 2015-10-26 | 2018-07-31 | 微软技术许可有限责任公司 | 对针对基于云的应用的网络威胁的检测 |
CN106529288A (zh) * | 2016-11-16 | 2017-03-22 | 智者四海(北京)技术有限公司 | 一种帐号风险识别方法及装置 |
CN108989278A (zh) * | 2017-05-30 | 2018-12-11 | 三星Sds株式会社 | 认证服务系统及方法 |
CN111542833A (zh) * | 2018-01-26 | 2020-08-14 | 居米奥公司 | 用于文档认证的分类筛选引擎 |
CN108763881A (zh) * | 2018-05-18 | 2018-11-06 | 上海掌门科技有限公司 | 用于控制用户权限的方法和设备 |
CN111159668A (zh) * | 2018-11-07 | 2020-05-15 | 西兰克公司 | 通过人机交互来验证用户身份 |
Also Published As
Publication number | Publication date |
---|---|
US20170286653A1 (en) | 2017-10-05 |
CN103516718B (zh) | 2019-01-08 |
US10055561B2 (en) | 2018-08-21 |
US20140007179A1 (en) | 2014-01-02 |
US9639678B2 (en) | 2017-05-02 |
WO2014004412A1 (en) | 2014-01-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103516718A (zh) | 身份风险分数生成和实现 | |
US11777953B2 (en) | Systems and methods for managing digital identities | |
JP7030981B2 (ja) | 資産管理方法および装置、および電子デバイス | |
US9049013B2 (en) | Trusted security zone containers for the protection and confidentiality of trusted service manager data | |
CN105207780B (zh) | 一种认证用户方法及装置 | |
CN104320389B (zh) | 一种基于云计算的融合身份保护系统及方法 | |
JP6785808B2 (ja) | ポリシー強制遅延 | |
CN102281286A (zh) | 用于分布式混合企业的灵活端点顺从和强认证 | |
KR102227578B1 (ko) | 블록체인 네트워크를 이용한 영지식 증명 기반의 인증서 서비스 방법, 이를 이용한 인증 지원 서버 및 사용자 단말 | |
US10027770B2 (en) | Expected location-based access control | |
CN110908786A (zh) | 一种智能合约调用方法、装置及介质 | |
US11916936B2 (en) | Techniques for incentivized intrusion detection system | |
US20110035241A1 (en) | Anonymous Separation of Duties with Credentials | |
WO2021084434A1 (en) | Authentication mechanism utilizing location corroboration | |
JP2022525551A (ja) | データレコードのコピーの分散型台帳システムへの誤伝送の防止 | |
KR20160018554A (ko) | 신뢰 및 비신뢰 플랫폼에 걸쳐 인터넷 액세스가능 애플리케이션 상태를 로밍하는 기법 | |
US11146403B2 (en) | Self-governed secure attestation policy for server data privacy logs | |
CN103559430B (zh) | 基于安卓系统的应用账号管理方法和装置 | |
US11736299B2 (en) | Data access control for edge devices using a cryptographic hash | |
CN116506206A (zh) | 基于零信任网络用户的大数据行为分析方法及系统 | |
CN114372280A (zh) | 一种基于多签智能合约的区块链业务执行方法及装置 | |
CN102130907A (zh) | 开发者电话注册 | |
KR20210027012A (ko) | 피어 노드와 그 정보 처리 방법 및 블록체인 플랫폼 시스템 | |
CN105635132B (zh) | 一种用户认证的方法及系统 | |
CN113935072B (zh) | 发行者注册方法、装置、计算机设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1191159 Country of ref document: HK |
|
ASS | Succession or assignment of patent right |
Owner name: MICROSOFT TECHNOLOGY LICENSING LLC Free format text: FORMER OWNER: MICROSOFT CORP. Effective date: 20150727 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20150727 Address after: Washington State Applicant after: Micro soft technique license Co., Ltd Address before: Washington State Applicant before: Microsoft Corp. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |