CN104704521B

CN104704521B - Multifactor profile and security fingerprint analysis

Info

Publication number: CN104704521B
Application number: CN201380047486.8A
Authority: CN
Inventors: V·克希尔塞格尔; J·M·贾尔; M·J·古; X·孔; T·A·桑迪奇; S·H·舒勒; B·苏布拉马尼亚曼; L·赵
Original assignee: T Mobile USA Inc
Current assignee: T Mobile USA Inc
Priority date: 2012-09-12
Filing date: 2013-09-12
Publication date: 2019-06-07
Anticipated expiration: 2033-09-12
Also published as: WO2014043360A1; EP2896005A4; CN104704521A; EP2896005A1

Abstract

Disclose a kind of security fingerprint framework.Security fingerprint includes one or more behavial factors, the history of the behavial factor storage and the event of one or more user-associations.Data in security fingerprint are exposed by one or more modes, each mode determines the condition that the data in security fingerprint can be accessed.Security fingerprint supports several primitive operations for allowing setting operation to be performed.Security fingerprint can be used in combination authenticate individually or with third party's data source, advertisement and other operations.Also disclose the exemplary platform of the security fingerprint constructed on cellular infrastructure.

Description

Multifactor profile and security fingerprint analysis

The cross reference of related application

Entitled " the Multi- of on September 12nd, the 2012 Serial No. No.13/612755 submitted of patent application claims The priority of the U.S. patent Nos application of Factor Profile and Security Fingerprint Analysis ", The U.S. patent Nos application is entirely incorporated into here by reference.

Patent application No.13/612755 is on September 9th, the 2011 U.S. non-provisional application No.13/229481 submitted Part continues application, which requires on August 25th, the 2011 U.S. Provisional Application No.61/527469 submitted Priority, and the two application hereby by reference be integrally incorporated.

Background technique

The user of today is daily to be interacted with excessive information system.One example is that user and personal information system are (such as Their personal social network account) interaction.Another example is that user interacts with commercial information system, such as by making purchase It buys and is interacted with the point of sales system in shop, or interacted by carrying out mobile calls with the charge system of cellular provider.Another example Son is user and government information system interaction, such as in maintaining social safety and payment of duty record.

In many cases, user is highly dependent on the data in those information systems.When user is item payment (by electronic market in solid shop/brick and mortar store online or in point of sales system offline), transaction should be guaranteed that the letter for payment Correspond to the user with/debit card.Similarly, when user registers in government website and when inputting personal information, the transaction It should be guaranteed that the identity of the people is certified.Particularly, certification be when being interacted with information system execute test with it is known can Guarantee that user corresponds to user identity in reliability.

Currently, certification is performed by several common methods.Certification is used for the identity of that user typically via verifying The label of user be performed.The label of user is known as certificate.The certificate of user can provide known value with user, such as close The form of code or personal identification number (" PIN ") occur.The certificate of user can by user provide label (such as contactless card, or Fingerprint or retina scanning) occur in this manner.

In general, certification possesses the card that known value or user physically keep the form of label by with user at present Book.However, identity theft may occur when the known value based on memory is stolen or marks and is stolen or in addition usurps. In addition, many information systems only authenticate user when logging in system, and the then system request of limitation verifying identity Infrequently to interrupt user.Therefore, have an opportunity by identifying other authentication device improvement safety and preventing identity theft.

Detailed description of the invention

Detailed description is set forth with reference to attached drawing.The most left digital representation of same reference numerals in different figures in the figure Similar or identical article.

Fig. 1 is the top level diagram for showing the multifactor identity fingerprint identification service of example, the multifactor identity fingerprint identification service Data relevant to user's history activity are collected will pass through example based on the authentication service of profile and access.

Fig. 2 is the exemplary hardware platform for the identification of multifactor identity fingerprint.

Fig. 3 is the flow chart for the instantiation procedure of multifactor identity fingerprint identification.

Fig. 4 be show move media it is vertical in multifactor identity fingerprint identification sample application program top level diagram.

Fig. 5 is the block diagram of the example logic framework for security fingerprint platform.

Fig. 6 is the exemplary implementation according to the logic architecture for security fingerprint platform of application and service prospect Figure.

Fig. 7 is the figure according to the exemplary implementation of the logic architecture for security fingerprint platform of the prospect of fingerprint.

Fig. 8 is to show fingerprinting service application program, primitive fingerprinting operation and the bottom data from data assets The figure of relationship between (underlying data).

Fig. 9 is the figure for being used to the implementation of exemplary application of assisted memory injured patients based on security fingerprint.

Figure 10 is the figure of the implementation of the exemplary match application program based on security fingerprint.

Figure 11 is the figure of the implementation based on the exemplary application for merging security fingerprint.

Specific embodiment

It introduces

Disclosure description is identified by the multifactor identity fingerprint of user behavior.Presently, there are with various information systems The high-frequency user interaction of system.Therefore, each user has a crucial a large amount of interactions that can be tracked, and factor can be with With the Identity Association of user.Particularly, Multiple factors related with user behavior are stored in the referred to as data structure of profile And assemble the history of (aggregate) in the profile as the behavior of user.The data structure can be continuously present in meter In calculation machine readable memory.At least some subsets of the interaction of the user of storage in the profile can be used for generating identity fingerprint, The identity fingerprint subsequently forms the certificate of user.

Factor can be any mode for the value that related observable is interacted with user.Then these factors can generate It is used as input in identity fingerprint.Example observable values may include one for tracking the social webpage when user accesses them, Track the network address of the webpage, tracking accesses the time of the webpage, or the special movement that tracking executes, such as issue new picture or Input comment.When these observables store in user profiles, they are referred to as historical act.Particularly, whenever information System receives event notice, that event notice can serve as historical act and be stored in the profile of user.In general, these values Storage is in the profile and for determining such as one or more application programs and/or one or more client devices The factor of use pattern and associated user preference etc..

Application program and/or the use pattern of client device are and track that data is accessed, and what is applied Program or client device feature are typically beneficial to the relevant factor of user.The example of use pattern is determining Www.mysocialnet.com is the website most commonly accessed by the referred to as web browser of CoolBrowser.exe.So And in generating multifactor identity fingerprint, use pattern is a Consideration.

User behavior can be another factor.User behavior is related to use pattern and in addition to application program or client device The correlation of other inputs outside itself.Example can be determining user typically about 11:30AM access daily Www.mysocialnet.com indicates that user updates their social networks record during lunch break.Another example can be use Www.fredspizza.com is typically accessed in Rainy Sunday in family, indicates that user does not go out typically to eat when rainy Meal.

User preference can be another factor.In using those application programs and client device, application program and visitor Family end equipment is typically respectively provided with the user setting for indicating user preference.

Use pattern, user behavior and user preference are only can be by some of application multifactor identity fingerprint identification Factor.Above-mentioned factor is exemplary and is not intended to be restrictive.Substantially, factor can be based on being detected and depositing Any value of storage, and then can be the potential factor for the identification of multifactor identity fingerprint.Factor their own can be with Profile is stored together, or is in addition dynamically obtained.

In the identification of multifactor identity fingerprint, at least a subset of the profile of the user of on-line storage can be tied to that User.In some embodiments, the identity of user may be used as the certificate of that user.In this way, information system can be in office What time certification or the identity for verifying user.The information system can have authentication capability, have access to user identity fingerprint or User profiles are inquired, construct itself in systems, or the system that alternatively those functions can be delegated to separation.

In another embodiment, security attack can be classified and assemble.Since information system is not against password or object Reason label, therefore the information system can compare any event or notice in the ession for telecommunication of user, by the identity of it and user Fingerprint comparison, and determine user behavior it is whether consistent with identity fingerprint or alternatively with the inquiry one of the profile to user It causes.Since identity fingerprint can be easily accessed, does not need request password or other labels and interrupt the session of user.Cause This, can monitor biggish one group of safety inspection.This information can be analyzed to identify security attack/threat monitoring mode Or it is used for Identity Management.

In yet another embodiment, identity fingerprint can be used for finding the classification used in user.Due to identity fingerprint The snapshot of the history of user is provided, therefore identity fingerprint is difficult to deviate from the reality of user or similar behavior.Therefore, high confidence level Comparison can be attributed to and assemble different identity fingerprints.The classification of identification can be subsequently used for direct advertising or obtain business feelings Report.

Fig. 1 shows a possible embodiment of multifactor identity fingerprint identification 100.Specifically, it shows user 102 such as What advances as time goes by and history of forming profile and identity fingerprint, and the history profile and identity fingerprint then can be with For authenticating.

User 102 can have client device A 104 and by it for realizing the interaction 106 with information system.It hands over Mutual 106, which possibly can be user 102, accesses the referred to as website of www.awebstore.com using client device A 104. User 102 can carry out some purchases during interaction 106.

The value for the observable collected during interaction 106 and subsequent interaction can be used as historical act record and be received by profile Collection service 108 is stored in user profiles.Specifically, the record group of the historical act of user 102 is the profile of user 102.It hands over Mutual 106 and subsequent interaction during the information collected be converted into user 102 historical act one or more records.Turning After alternatively, profile collects the note of historical act of the service 108 with the profile storage user 102 of the user 102 in data storage 110 Record.

In user 102 as time goes by and when advancing, the historical act record of subsequent interaction is also collected in user Profile in.As shown in through interaction 112, user 102 can be later using user client device A 104 and different letters Cease system interaction.For example, interaction 112 can be user 102 using user client device A 104 to update The social networks of user at www.mysocialnet.com records.Again, the history of the user 102 during interaction 112 is living It is dynamic to be collected 108 capture of service and be stored in data storage 110 by profile.

Therefore, the profile of user 102 does not need to be used in particular for special website or particular type of interaction.Its parameter can be with Captured any definable and observable customer incident is for storing the one or more of the profile as user 102 The candidate of a historical act record.Collect event information and collect parameter with create historical act record with reference to Fig. 3 by more in detail Carefully describe.

The profile of user 102 does not need to be used in particular for special client device.Such as by interaction 116, (interaction can be with After several other interactions) show, it (is client device B herein that different client devices, which can be used, in user 102 114) come to interact with information system.Interaction 116 potentially can be user 102 and also update at www.mysocialnet.com The social network sites of user 102 record, and may upload the photo just shot by client device B 104.Again, profile is collected Interaction 116 is converted to one or more historical records with the activity association of user 102 and records those by service 108 A part of profile as user 102 is stored in data storage 110.

When profile collects service 108, the statistically a large amount of of the profile of storage user is used in data storage 110 When the historical record of family, then the profile of user can be used for generating identity fingerprint.As shown in interactive 118, client is used The unknown user 120 of equipment C 122 can attempt to the social networks at the www.mysocialnet.com of editor user 102 Record.In fact, unknown user 120 can possess the password of user 102 and therefore log in www.mysocialnet.com On user 102 account.

During interaction 118, unknown user 120 can attempt to issue user's 102 in www.mysocialnet.com Social network sites record.It posts and attempts to trigger by the event of www.mysocialnet.com capture, and the event can pass through Authentication service 126 based on profile causes certification request 124.Then authentication service 126 based on profile can will post attempts The User Activity that being converted to can compare with the profile of user 102 marks.Upon the transition, the authentication service 126 based on profile The historical act record of user 102 can be obtained by 108 inquiry data storage 110 of profile collection service one is a little Collection.For example, the record of acquisition can be only limited to user 102 in past three year by certification request 124 Www.mysocialnet.com activity.

The summary file of the acquisition record in the identity fingerprint of user can be generated in authentication service 126 based on profile. Identity fingerprint includes the summary of the history of user and many possible forms can be presented.In one embodiment, identity Fingerprint can identify several different activities, and store user and execute those movable frequencies.In another embodiment, body Part fingerprint can store other users that the account of the user can be sent information to.Identity fingerprint can be buffered, so that replacing In generation, the authentication service 126 based on profile was dynamically generated identity fingerprint, it can directly be serviced.

Then the activity of unknown user 120 can be associated with by the authentication service 126 based on profile with identity fingerprint.Example Such as, if the patch of unknown user 120 is filled with the word on dirty word inventory, and user 102 is in www.mysocialnet.com note Dirty word is not used in son, then the authentication service 126 based on profile can report the low association relative to identity fingerprint.If The association is substantially low, then the authentication service 126 based on profile can send the error message of instruction authentification failure.Alternatively, such as The fruit association is substantially low, then the authentication service 126 based on profile can send the error message of instruction authentification failure.If do not deposited In sufficient information to provide statistically significant conclusion, then the authentication service 126 based on profile, which can only be sent, refers to Show the message of not conclusion.In this way, the authentication service 126 based on profile can reduce false affirmative during certification.

In aforementioned certification discussion, it is noted that unknown user 120 need not use identical as previously being used by user 102 Client device.Do not possess certificate not instead of physically, authenticates unknown profile of the user 120 based on user, particularly such as With certificate and from the easily obtainable identity fingerprint of data storage 110.It is furthermore noted that using the certification of identity fingerprint It can independently or alternatively be operated together with the debarkation authentication of www.mysocialnet.com.Even if unknown user 120 has The key certificate of user 102, identity fingerprint certificate of those certificates also by the authentication service 126 based on profile relative to user Independently it is verified.In addition, this verification process is transparent to unknown user 120.In addition, unknown user 120 cannot Information is obtained from user 102, this is because cannot be by collecting and/or forcing to be acquired again in terms of the behavior of user 102.Cause This, due to lacking verification process of the access based on profile, unknown user 120 may have been able to break in or cheat Www.mysocialnet.com's logs in, but unknown user 120 cannot cheat the verification process based on profile, this is because Its usage history behavior property.Unknown user 120 is that cannot change past three year of user 102 not posted the going through of dirty word History.In this way, the certification based on profile provides safer certification, and provide the continuous certification and use separated with the certification logged in Family must clearly input other means of certificate.

The information system of such as www.mysocialnet.com how the certification of processing failure can be by information system itself It determines, or how can be configured based on the authentication service 126 based on profile.For example, for financial affairs or for being related to The affairs of sensitive personal information, the authentication service 126 based on profile can be configured to only prevent unknown user 120 It is interacted with information system.In the case of less sensitive, the authentication service 126 based on profile may be configured to require unknown User 120 provides substitution certificate.In the case of more less sensitive, the authentication service 126 based on profile can be configured to use Anomalous event is informed only to send the notice in the form of Email, text message or other messaging services to user 102 Occur.

Authentication service 126 based on profile may be configured to have multiple correlation models.Each correlation model is system Model is counted, which defines how to calculate the historical events in customer incident and user profiles and/or user identity fingerprint The similarity score of data.Correlation model can be very simply, and the presence of some of them item is enough to return to zero associated knot Fruit.Alternatively, correlation model can be extremely complex, and may include the learning algorithm of modified confidence level.Letter Shelves authentication service 126 can combine different correlation models to obtain other confidence level in authentication result.Credibility model It is discussed in more detail with reference to Fig. 3.

In this way, the certification based on profile can be configured to meet the different authentication needs of different information systems.It is based on The authentication service 126 of profile can expose application programming interface (" API ") programmatically to can access any information system. For example, the authentication service 126 based on profile can in conjunction with credit card company be used for provide about any user identity in addition Label.In this way, user does not need to possess client device.In fact, client device itself can be authenticated.For example, if For realizing the long-distance call for the distant place never accessed to user, cellular service may be implemented relative to being based on client device The certification request 124 of the authentication service 126 of profile and user can be required to provide other certificate.Certification clothes based on profile Business can be configured to the only identity and provide specific Validation Answer Key, such as Yes/No/uncertain, therefore protect user's Privacy.

Due to the authentication service 126 based on profile can service precomputation/prefabricated user identity fingerprint, be based on The authentication service 126 of profile can be used for non-authentication application.For example, the authentication service 126 based on profile can be used for user Other services 128 of identity fingerprint are inquired to analyze, and therefore the classification of user behavior can be identified.These classification knots The history for closing user behavior can be used for direct advertising or generate general business intelligence.

If 128 expectation of service can access the wider data for surmounting identity fingerprint, service 128 can directly be connect Enter profile and collect service 108, the profile service of collecting has the crucial a large number of users history being stored in data storage 110 living It is dynamic.The service 128 of such as business intelligence or advertisement positioning service can collect 108 access data storage 110 of service by profile In user's history activation record to execute and authenticate incoherent inquiry.Other services 128 may include quotient as described above Industry information and advertisement applications.However, they also may include the citation of service enforcement data, Identity Management and Threat Management request.

By the way that the extensive information system of identity fingerprint and user behavior profile can be used, profile collects 108 Hes of service Authentication service 126 based on profile may include charge system to monetize certification and request of data.Charge system can be point From module, or be alternatively incorporated to profile and collect the service 108 and authentication service 126 based on profile.For example, profile collects clothes The record storage of each data and certification request can be stored 110 in data by business 108 and the authentication service 126 based on profile Or in other data storages, then this can be queried to generate bill.Alternatively, profile collects service 108 and is based on profile Authentication service 126 can by a special side store request count, and can according to substitution charging arrangement generate bill, Such as constant expense or service order model.

Exemplary hardware environment for the identification of multifactor identity fingerprint

Fig. 2 shows a possible embodiments of the hardware environment 200 identified for multifactor identity fingerprint.Especially Ground is configured to collect user's history activity data Fig. 2 shows client device 202, which exists Client device 202 itself is upper or alternatively lodges (host) on server 204 and is connect by network connection 206 Enter.The example for being collected in the historical act data on client device 202 itself includes capture thump, access such as photo Local data, or monitoring local application use, and such as network address is input in explorer.

Fig. 2 also shows client device 202 and is configured to be connected to by network connection 210 as lived with using journey The authentication service 126 and/or profile collection service 108 based on profile on sequence server 208.

Network connection 206 is related to the 202 access information system of client device of a part as User Activity, and net Network connection 210 is related to accessing profile collection system 108 and/or the Verification System 126 based on profile.Although these different applications Program, network connection 206 and network connection 210 can be for connection to any method or system of remote computing device. This can be in the form of wired and wireless communication.For example, client device 202 can be the individual on wired ethernet local area network Wired point of sales system in computer or storage.Alternatively, network connection 206 and/or 210 can be by for packet count According to Wi-Fi or by the wireless connection of cellular telephony protocol, the cellular telephony protocol may include CDMA 2000, WCDMA, HSPA, LTE or successor (successor) cellular protocol.Therefore, the aforementioned specifications of network connection 206 and 210 are not intended to by net The selectional restriction of network agreement.

In an alternative embodiment, client device 202 can be asked user's history activity data is locally stored or authenticates It asks.It does not need to receive by network with information system server 204 or with 208 interface of authentication application program servers based on profile Collection.For example, then the user's history activity data or certification request that are locally stored can store on portable storage item and For manually access information server 204 or the authentication application program servers 208 based on profile.

Client device 202 is any calculating equipment with processor 212 and memory 214.Client device 202 can Selection of land includes network interface 216.Client device 202 can be cellular phone including smart phone, laptop, above-knee Type computer, personal computer or dedicated computing terminal (such as point of sales system terminal).Client device 202 will also include Distributed system, such as terminal access central server, as used website homepage to calculate (web top computing).

The memory 214 of client device 202 is any computer-readable medium, which can be with Store several programs 218 and alternatively not executable data (such as document and picture).Computer-readable medium includes extremely Few two kinds of computer-readable medium, i.e. computer storage media and communication media.Computer storage medium includes to appoint The volatile and nonvolatile for being used to store information of what method or technique realization, removable and nonremovable medium, the information are all For example computer readable instructions, data structure, program module or other data.Computer storage medium includes but is not limited to RAM, ROM, EEPROM, flash memory or other memory technologies, CD-ROM, digital versatile disc (DVD) or other optics Storage device, cassette, tape, disk storage device or other magnetic storage devices, or can be used for storing information to count Calculate any other non-transmission medium of equipment access.In contrast, communication media may include computer-readable instruction, data knot Other data (such as carrier wave) or other transmission mechanisms in structure, program module or modulated data signal.As defined herein, Computer storage medium does not include communication media.

Program 218 includes computer-readable instruction, which includes operating system and other system functions And user application.The operating system can support the ability of capture application event.Capture application event makes Calling program can capture the data of observable, and the data of the observable then can store as user's history activation record.Show Example includes but is not limited to log beginning sentence (journaling hook) and trampoline function (trampoline function).It is logical Often, the application event of capture can be associated with programmed process program, and the operation of the programmed process program storage and event Associated input and/or output supplemental characteristic.In this way, it any customer incident and can be supervised with the interaction of application program Depending on, associated data storage, and be subsequently processed to be converted to one or more user's history activation record.

User application may include the application program for being designed to locally use, such as word processor or electronics Tables of data.Local application may include utility, such as monitoring the program locally used.This kind of application program can To include but is not limited to thump monitor and near-field communication monitor.Alternatively, user application may include being designed to use Carry out the application program of such as web browser interacted with remote system or cloud client.

Apps server 208 is can lodge profile collection system 108 and/or the certificate server based on profile 126 any calculating equipment.Apps server 208 includes processor 220, memory 222 and network interface 224.According to About the discussed above of client 202, memory 222 be include that any computer of computer storage media and communication media can Read medium.

Particularly, memory 222 stores program 226, which may include for profile collection system 108 and/or base In the operating system and computer-readable instruction of the certificate server 126 of profile.

Memory 222 also can store program 226, which may include data base management system (if data store 228 are configured as database).Data storage 228 can be configured as relational database, object-oriented database, columnar data Library, or support any configuration of the inquiry of user profiles and user's history activity data.

The exemplary operation of multifactor identity fingerprint identification

Fig. 3 shows a possible embodiment of multifactor identity fingerprint identification process 300.In the presence of for multifactor body The different factors of at least three of part fingerprint identification process 300, comprising: (1) based on the Verification System of profile, (2) user is based on The Verification System of profile is tracked and is authenticated, and (3) try the supplier or information system using multifactor identity fingerprint identifying system System.Different factors will perceive the different subsets of multifactor identity fingerprint identification process 300.Particularly, supplier or information system The prospect of system will change according to application program.Multifactor identity fingerprint identifying system will be only used only to recognize in some systems Card.It is other that the system will be used to carry out aggregate users and identify the use pattern of this group of user.

Multifactor identity fingerprint identification process 300 can generally be subdivided into following general (broad) subprocess:

1. data collection/user identity fingerprint generates 302,

2. certification 304, and

3. mode detection 306.

In square 308, user profiles are bound to special user.User profiles remember the historical act comprising user Record, and the identity fingerprint that will be used to generate user.Since the identity fingerprint of user will be used, the certificate of user and Binding must be accurate.User profiles do not need to be tied to special client device.However, user profiles may include use Family always uses the record of special client device.

Binding can be static or dynamic.By static binding, user can pass through the Verification System based on profile User profile record is created for certain.In this record, user can indicate the client device typically accessed or application Program.According to this information, multifactor identity fingerprint identifying system can more easily determine the user's history activity note to arrive It whether related to special user profiles records.However, binding is not necessarily static state.Due to the visitor of the Verification System based on profile Family end equipment can track the label of such as user identity of user's logon information, therefore multifactor identity fingerprint identifying system can To assemble the similar record logged in from any static input independently of user.

The advantage of dynamic binding user's history activation record to special user are to distinguish to use identical use by chance The different users of family account.For example, single family account can by the owner of the account, the owner with even summation, this owns The child of person uses.In this case, the Verification System based on profile can be properly generated three profiles (and then it is right The user identity fingerprint of each of Ying Yusan profile) rather than only one.Therefore, multifactor identity fingerprint identifying system It is not constrained to client device not only, the special user that it is not constrained to information system yet logs in or account.

In square 310, client device or the information system interacted with the client device collect user information.? In one embodiment, client device or information system obtain (enlist in) correlation model.Correlation model can specify spy Other customer incident, or the data to be captured can be further specified that for each customer incident.Customer incident is typically Being can be by the interaction with application program of OS Events or notice system acquisition.For example, if user click button, Operating system can be clicked with catching press-button, and applications active can be captured together with user identity as user information, Button identity.In addition, client device or information system can have button.onrelease, which executes not special The other information inquiry of event for capture.For example, button.onrelease can run journey other than catching press-button is clicked Sequence is to capture what other applications open, or whether there is any activity network session.

Therefore, client device can capture wide range of user information.Exactly, this is because width can be captured The possibility user information of range, the user information of capture can be limited to the event specified by correlation model and by for each things The specific data that the correlation model of part uses.

In square 312, user information is imported into relevant correlation model.It is former with client device or information system capture The square 310 of beginning user information is compared, and in square 312, user information is converted into user's history activation record.Particularly, User information is resolved, and is then mapped to the format that 108 importing data storage 110 of service can be collected by profile, so as to 128 subsequent acquisitions of authentication service 126 or other services based on profile.For example, being used to press referred to as in the application program of MyApp The primitive data that button is clicked can go out in the form of (" OKButton (i.e. OK button) ", UserBob, 12:12:00PM, MyApp) It is existing.This primitive data can be converted to following record (profile 111, MyApp:OKButton) by following variation:

(1) name on account UserBob may map to the user profiles of the identifier with profile 111.

(2) correlation model can have the lattice that application program and user interface elements are connected into a single field together Formula.In this illustration, OKButton and MyApp are converted into MyApp:OKButton.

(3) it can be eliminated with the incoherent some data of special correlation model.In this illustration, it is only to give up The 12:12:00PM time.

Any amount of transformation data action can be before being converted to user's history activation record relative to primitive user Information is performed.Third party's data can be accessed to be included in user's history activation record.For example, credit card identification or Telephone number identification information can be queried and be included in user's history activation record.In addition, data check can be performed. For example, client can execute record lattice before collecting service 108 by profile and loading data into data storage 110 Formula verifying and value verification check.

Alternatively, the event-consumers information of capture does not need to be exclusively used in special correlation model.For multiple correlation models Identical data are accessed, there may be specified common user historical act records.In this embodiment, client device Or the available event of information system rather than correlation model.

The user information for being converted to user's history activation record can be loaded onto data storage 110.Data storage 110 It can have single database or multiple databases.It is unrelated with the quantity of database used, from for the more of multiple events The data of multiple users of a client device can be all stored in data storage 110.

In square 314, multifactor identity fingerprint identifying system generates user identity fingerprint.User identity fingerprint can be It generates when needing or alternatively actively refreshes in background processes.Stored at least in the subset user's history in the profile of user Record is used as primitive data to generate user identity fingerprint.The user identity fingerprint is the summary of the history of user.User's body Part fingerprint can only generate the single number as simple numeric score, such as generation credit grade or classification grade.It is replacing For in scheme, user identity fingerprint can provide the data packet for summarizing relevant user activities.For example, if Request System is to user Prestige it is interested, fingerprint can report the quantity of bad check, the quantity of credit Card Rejections, and the return executed at storage The quantity of user.Data in identity fingerprint are not necessarily numerical value.By another example, if Request System user interested Whether participate in talking Billingsgate typically on website, identity fingerprint can only store boolean (Boolean) value.In identity fingerprint Data are not necessarily limited to the data collected by individual system, but can combine with external data.By another example, identity refers to Line can combine the quantity of bad check with the record number for arresting user due to credit card fraud.

User profiles and user identity fingerprint can be used in any number of ways.Two possible embodiments are The example of the example for the certification being shown in 304 and the mode detection being shown in 306.

Authentication scenario 304 is requested according to the information system of service supplier to authenticate the multifactor identity fingerprint of user and know The prospect of other system.In square 316, information system is programmed to perform the certification request based on profile for information system is captured Event.In one embodiment, information system will capture the event and relevant user data, convert this data to as One or more user's history activation record that refrence square 312 describes.These user's history activation record will act as user It is movable label and a part as certification request 124 be submitted to the authentication service 126 based on profile.

The label of User Activity may include the probable value of wide scope.Table 1 enumerates some possible mark values:

1. example user of table label

Table 1 is not intended to be the exhaustive list of user's mark.User's mark can come from third party, such as credit inspection.With Family label can be provided by interface to other information systems.

In square 318, the authentication service 126 based on profile receives certification request 124, and continues analysis authentication request 124.Analysis may include the correlation model that identification corresponds to certification request 124.The correlation model of identification is then by designated user Historical act record from data storage 110 to obtain.Then whether correlation model will determine the user's mark in certification request 124 Similar to the user's history activation record of acquisition.In some embodiments, correlation model will identify content model, for example, will Dirty word degree and historical pattern in user's mark in certification request 124 compare.In other embodiments, correlation model will Identify use pattern, for example, determine whether with submit buy before user watch in history identical website at least repeatedly compared with Make credit card funded payment immediately after browsing web sites.In yet another embodiment, correlation model can track user only at the noon The behavior pattern of social network record is updated during the meal time.

It can analyze the random subset of the user's history activation record of storage.Therefore, associated it is finally determined making Before, which can compare the result from different correlation models.

Unrelated with the correlation model used, which can identify the degree of association (for example, with the shape of similarity score Formula), and will determine whether similarity score is more than specific threshold value.Alternatively, correlation model can indicate special determination In confidence level be insufficient and determination will not be made.For example, analysis can determine that correlation model does not have sufficient user to go through History activation record is to make determination.

For whether associated threshold value to be sufficiently high to guarantee that certification can be different based on the information system for making certification request. Financial affairs and personal information may need high threshold value.Alternatively, general website may need relatively low threshold value.Threshold value can Changed with the range according to the interaction of user.For example, every transaction authentication can have the threshold value lower than every session authentication.It is similar Ground, every session authentication can have the threshold value lower than the interaction across multiple sessions.Different vertical applications programs can have Different threshold values.For example, medical information system can have the threshold value higher than recreational application programs.

Analysis result can be shared in many different ways.Common situations can be the message for sending instruction certification, or Person indicates the error message of insufficient data or refusal certification.Alternatively, analysis result can be compiled by exposed application program Journey interface (" API ") is directly accessed.By another example, analyze result can be focused into single similarity score and by Export is so as to by other application program or situation use.For example, contest web sites can determine that user is that the people that user is claimed is 70% is believable.Based on 70% confidence value, tournament prize can be restricted to be lower than has the case where 100% confidence level Value.

In square 320, if the analysis in square 310 determines that user authentication request fails, this is referred to as bad thing Part (adverse event).Adverse events can be determined substantially in real time, for example, if making the information of certification request System is interactive system.Alternatively, adverse events can be determined in bulk, such as be supplied in monthly bill collecting In the controversial debt record of user.

Once identifying adverse events, adverse events are just processed in square 322.As adverse events can be by real time Or alternatively determine in bulk, adverse events can also be in real time or alternatively processed in bulk.

The real-time processing of adverse events may include keeping off user outside the system, or provide modal dialog box and require to use Family provides the user certificate of substitution.In the case of not too important, adverse events can only be captured, and pass through electronics postal The asynchronous communication of part, text message or other forms sends notification to user.

In square 324, the authentication service 126 based on profile can receive the request of correction correlation model.Correlation model It can be modified, or can be substituted.For example, if the authentication service 126 based on profile is determined and spent a holiday affirmative there are height, Middle certification is rejected, but unknown user is capable of providing correctly substitution certificate, then correlation model can be marked in square 326 It is denoted as defective or is corrected, improve or replace.

Reference model detection case 306, service 128 upper to user profiles, user identity fingerprint, or both can execute number According to excavation.

In square 328, service 128 determines desired data and holds to user profiles, user identity fingerprint or both Row data query.Data query can be in the case where some external correlation models.When inquiring user identity fingerprint, inquiry can To obtain the identity fingerprint for the pre-generatmg for corresponding to a period.Alternatively, inquiry can ask the user identity fingerprint looked for novelty logical Nearest data are crossed to be dynamically generated.

In square 330, service 128 determines the mould for corresponding to the user of the data obtained using external correlation model Formula.The mode can be related to user's their own, such as in the popular product of identification purchase.In another example, the mould Formula can be related to historical user activity, such as most common situation (for example, in threat assessment) of identification certification request failure.It is logical Cross another example, external correlation model result can be analyzed to detect the mistake in multifactor identity fingerprint identifying system, because This provides a kind of debugging facility.

Exemplary authentication application program-removable medium based on profile

Fig. 4 shows the exemplary application of multifactor identity fingerprint identification 400.Particularly, Fig. 4 is shown in service offering Loaded in gateway (" SDG ") 402 and third party charging gateway (" 3PG ") 404 infrastructure existing subscriber profile information and Apply multifactor identity fingerprint identification so as to the more media content requests of movable equipment on movable equipment 400.

Consider wideband code division multiple access (" WCDMA ") honeycomb provider.Third party content provider 406 wishes to mention in WCDMA User is given using the content 408 of the service payment of movable equipment 410 on supplier.For supporting the WCDMA of third party's data service A kind of possible configuration of network is to be interacted using SDG 402 with data service 412.When content by SDG 402 service when, charging by The processing of 3PG 404.

It is paid for due to the content, it is thus possible to which expectation realizes that multifactor identity fingerprint identification is interior to guarantee to be serviced Appearance is actually ordered by user.

Firstly, crucial a large amount of profile information must be collected for the profile.Honeycomb provider has had wide model The user information source 414 enclosed.Source may include pre-existing business intelligence source 416, and such as CREDIT SCORE and rate of violation are used for The charge information 418 that honeycomb is ordered, and the advance payment information 420 for advance payment services client.From these user information sources 414 information can be loaded onto data service layer 412, be filtered alternately through privacy engine 422.

Information from user information source 414 is loaded by extracting transformation and loading routine program (" ETL ") 424, should ETL 424 is notified by ETL model 426, and is then converted into profile to store in data storage 428.ETL model 426 can be made of data model and several rules and constraint.

Once the profile is loaded, SDG 402 can execute certification by profile service 430.Particularly, unknown use Make the content requests of third party content provider 406 in family 410.SDG 402 can have local profile client or can be with Certification is directly executed by accessing profile service 430.Profile service will be stored 428 accesses by data and be recorded.According to one or More correlation models 432, profile service 430, which will return to instruction, to be certification, refusal or sufficient information whether is not present to make Determining message out.

If unknown user 410 is certified, SDG 402 and third party content provider 406 will provide the content of request 408 arrive user 410, and third party content provider 406 will be made out a bill by 3PG 404 to the user 410 authenticated by SDG 402 It is single.

Otherwise, third party content provider 406 will refuse the request.Optionally, third party content provider 406 can give birth to At the certification for reporting or sending the notification to account owner's failure.

Example safety fingerprint logic framework

It can be that customer users generate security fingerprint based on profile or independently of profile.Based on authentication protocol, they are mentioned It is supplied to fingerprint request side.Fig. 5 shows the example safety fingerprint logic framework 500 for supporting security fingerprint function.

Fingerprint database 502 is the major database of security fingerprint identifying platform.It includes to be used for security fingerprint application journey The configuration and metadata of sequence, the monitoring data of process, the input data and data mining results obtained from corporate client data source Data.All historical datas are maintained until that configurable time period terminates, such as 10 years.Fingerprint database 502 can be relationship Database, or can be with right and wrong SQL or columnar data library.

Fingerprint database 502 passes through information integration layer 504 from business data asset acceptance data.Information integration layer 504 is held Row data acquisition, joint and integration servers.It supports the multi-format for data integration, multi-protocols, real-time, near real-time or criticizes Amount mode.It is used to manage extraction, transformation and loading and the fingerprint phase from business data assets in general, information integration layer 504 executes Close any task of the loading time of data.

One of the major customer of fingerprint database 502 is fingerprint analysis application program 506.Fingerprint analysis application program 506 be the primary application program for executing processing logic and/or rule for fingerprint and fingerprint generating algorithm.It also include for The controller module of thread management and scheduling.Fingerprint logic and/or rule will be further discussed with reference to Fig. 6 and 7.

Fingerprinting service application program 508 executes the service of fingerprint based on request and can also execute the slave finger based on inquiry The service of the data of line.Note that alternatively, fingerprint can be inquired independently of fingerprinting service application program 508.Fingerprinting service application Program 508 is the service layer for exposing security fingerprint data.When there are one group of commerce services based on the data, there is also Multiple customer users and/or requesting party towards agency service, which is created to meet commercial object, policy, conjunction Same terms and conditions.

As previously mentioned, fingerprint can be based on profile, can support different fingerprint patterns, and can be used various Safety and/or cryptographic protocol.Customised profiles console 510 is to use preference for managing profile data and/or privacy information Customer-oriented user interface.

Fingerprint request side maintains account to allow them to receive fingerprint according to order and security constraint.The control of fingerprint request side Platform 512 be for the self-service interface of fingerprint request side to manage account and/or subscription, and order service and request support.

Service quality (" QoS ") component 514 and safety component 516 provide the clothes for being orthogonal to other functions in logical platform Business.Particularly, service quality (" QoS ") component 514 provides system management facility to manage fingerprint platform and application program with true The fingerprint platform that ensures safety reliably executes in specified Service Level Agreement (" SLA ").

Safety component 516 is implemented for authenticating, authorizing and the security protocol of other security functions.Particularly, safety component 516 guarantee effective access to fingerprint application program, service and fingerprint database.It verifies user, fingerprint pattern, effect, peace Full certificate, certification mark, digital signature etc. are to meet Information Security Standard and criterion.

Example safety fingerprint platform framework

Fig. 6 shows a possible implementation 600 of security fingerprint logical architecture 500 described in Fig. 5.

Data are collected from several business data assets 602 first.Business data assets 602 include that can be collected by enterprise Or any data obtained by third party.For example, the business data for cellular carrier may include following:

Customer account information；

Client's ordering information；

The product and/or equipment (for example, mobile phone, smart phone application program) that client uses；

The order that client makes；

Billing clients history；

The demographics of client；

The Web vector graphic of client；

The customer satisfaction of customer report is measured；

The position of substantially real-time client and contextual information；

Pass through the customer interaction of the application program on movable equipment and movable equipment；

Business support system/operations support systems user logging；With

To the result of the analysis operation of client.

Application program 604 can be obtained by finger print data to the data collection of business data assets 602 to execute.Finger print data Realization can be serviced by the calling of information integration layer 504 by obtaining application program 604.Finger print data obtains application program 604 can be with In many ways from business data assets 602 receive data, including from various business data assets 602 receive periodic message or Real-time stream executes real time data inquiry to business data assets 602, or possibly as batch process to one or more Multiple business data assets 602 execute periodical extraction/transformation/loading (" ETL ") function.

When receiving data from business data assets 602, finger print data obtains application program 604 can be to received data Execute various analyses and/or transformation.Example includes executing semantic analysis, to received data executing rule engine, in message team Message is arranged in column, executes the stream post-processing (stream post-processing) of received data flow, and joint data.By In there may be different many business data assets 602, finger print data, which obtains application program 604, can maintain corresponding number Data adapter unit is to support data various formats and by various agreements.In this way, finger print data obtains application program 604 With Extended model to support any data format and/or data protocol.

Finger print data obtains 604 loading safety fingerprint database 606 of application program.Fingerprint database 606 can be supported respectively Seed database, the subdata base include: input data, which is that application program 604 is obtained from finger print data finally The data of loading；Configuration data, the configuration data are profile and/or preference data from customer users；And result data, it should Result data is the result of the analysis executed to the data in fingerprint database 606.

When customer users 610 access, configuration data is entered by customised profiles console 608.Customer users 610 are logical Cross webpage or stand-alone utility input profile and/or preference data.Profile and preference data are begged in more detail with reference to Fig. 7 By.

Discussion so far has concentrated on the implementation how data including fingerprint enter security fingerprint platform 600.Discussing will Back to fingerprint request side how from the implementation of security fingerprint platform 600 receive fingerprint.

Fingerprint request side 612 can request to refer to by fingerprint request side's console 614 or by web service gateway 616 Line.Fingerprint request side's console 614, which is typically used in, maintains fingerprint request side's account and/or subscription, preference setting, service problem Manage (for example, counseling platform) and web service catalogue.Fingerprint request side's console 614 also may include for requesting, receive and Inquire the utility program of fingerprint.If fingerprint request side is automated procedure, can also directly be connect by web service gateway 616 Enter fingerprint, which provides gateway to fingerprint platform 600, particularly fingerprinting service application program 618.Web service Gateway 616 utilizes the QoS 514 and safety component 516 of fingerprint logic framework 500.Particularly, web service gateway 616 can mention For including the service of authorization, certification, policy implementation and routing and intermediary.

Fingerprinting service application program 618 corresponds to the fingerprinting service application program 508 in Fig. 5, and provides bonded mouth, should Bonded mouth usually passes through one group of commerce services and is used to provide fingerprint.In order to track and provide the access of web service gateway 616, Fingerprinting service application program 618 can be with supported web page service registration and one group of agent webpage service.

The commerce services of the fingerprint executed by fingerprinting service application program 618 are by fingerprint analysis application program 620 The primitive operation of embodiment.The fingerprint primitive operation provided by fingerprint analysis application program 620 may include for converting, analyzing, Version management (version), the operation for maintaining and inquiring fingerprint.Fingerprint primitive operation is discussed in more detail with reference to Fig. 7 and 8.

So far, discuss have been concentrated on how to provide fingerprint.In order to maintain and service finger print safety platform 600, system pipes It manages device 622 and finger print safety platform 600 is accessed by System Management Console 624.System Management Console 624 can access Fig. 5 Fingerprint logic framework 500 in all components for enumerating.Particularly, it can access fingerprint request side's console 614, webpage clothes Business gateway 616, fingerprinting service application program 618 and fingerprint analysis application program 620 and fingerprint database 606.Therefore, it is It is under the overall leadership reason console 624 can track fingerprint all aspects (from be created to service and provided fingerprint utilization) so as to Analysis.

Profile and security fingerprint

So far, the reception and offer for having concentrated on the fingerprint for being potentially based upon profile are discussed.Fig. 7 illustrates how to fill out A possible security fingerprint platform for filling profile implements the inside of 700 and fingerprint.

Customer users 702 access fingerprint platform 700 by customised profiles console 704.Customised profiles console 704 can be with Including privacy editing machine and profile editor.Privacy editing machine can be used for setting the various privacy settings in profile 706 and It can be used for creating, update and delete the mode for being used for the fingerprint of customer users.Profile editor can be used for editing non-privacy Data field, such as customer users identity field (for example, name, address and identification card number).Which profile editor also specifies Business data assets are to be packaged in the fingerprint of customer users.In this way, customer users do not need to only rely on security function to prevent Only access data；But client can prevent data to be included in fingerprint first.Customised profiles console 704 is also supported to examine Tracking function is to track the change history of profile.The profile that this audit trail can be used for for example detecting unauthorized changes. Continue to security fingerprint database 708 by the change of the profile 706 of customised profiles console 704.

Fingerprint is generated from security fingerprint database 708 by fingerprinting service application program 710.Fingerprinting service application program is rung Fingerprint should be generated by its commerce services component in fingerprint request.Commerce services component can be answered according to fingerprint analysis is encapsulated in Function is realized with the primitive fingerprinting operation in program 712.Since fingerprint can be provided on webpage, fingerprinting service application Program 710 can maintain web service registration and agent webpage Service Part.

Fingerprint 714 will encapsulate some subsets of the data corresponding to customer users 702 once generating.The data of encapsulation can To be encrypted and/or compress.Fingerprint 714 can support zero, one or more fingerprint pattern.Fingerprint pattern specifies the data Any part, which fingerprint request side and the data that when can pass through inquiry access encapsulation.When fingerprint 714 receives When inquiring 716, the identity and context of the mode selector detection fingerprint request side of fingerprint 714, and select corresponding fingerprint Mode.Default fingerprint pattern can also be called.Therefore, the subset of the data only encapsulated is exposed to inquiry 716.Then in exposure Data on execute inquiry, and data return to fingerprint request side's console 718 or inquiry application, and to referring to Line requesting party 720.It is also noted that fingerprint request side can obtain fingerprint 714 only to implement 700 inquiries independently of fingerprint.

Exemplary primitives fingerprinting operation

About the application program of fingerprint, such as with reference to those of the description of fingerprinting service application program 710 in Fig. 7, pass through Primitive fingerprinting operation is implemented.Primitive fingerprinting operation is the low-level operation to fingerprint for converting and/or inquiring fingerprint.Figure 8 show the application of example fingerprinting service, the interaction 800 of primitive fingerprinting operation and the bottom data from business data assets.

Primitive fingerprinting operation can in fingerprint, fingerprint database 802 finger print data, and/or other data (such as from The data that business data assets 804 are directly accessed) operation.Being directly accessed for business data assets 804 can be by such as referring to Fig. 5 504 service of information integration layer of description is implemented.

Primitive fingerprinting operation can support the operation of following type:

Duplication and identity primitive operation 806: fingerprint can be uniquely identified.Fingerprint can be cloned so that it is encapsulated Data and mode be replicated, other than unique fingerprint identifier.Copy/duplication primitive operation can execute this multiple System.Comparing function can determine whether two fingerprints are identical other than unique fingerprint identifier.Similarity score function can be with Determine the similar degree of two fingerprints.Therefore, the function does not expose data to fingerprint request side, and the data of encapsulation maintain peace Entirely, fingerprint request side is allowed to execute comparison.

Assemble primitive operation: fingerprint can merge or split.For example, one group of customer users can determine to be taken as one Entity, for example, four phone users of same home can only hope with the single fingerprint for entire family.This In situation, four fingerprints corresponding to four household persons can be merged into a single fingerprint.Note that kinsfolk can select The copy for merging their duplication of fingerprint is selected, therefore retains the selection for maintaining personal fingerprint.Combined reverse side is to split.Example Such as, consider fingerprint of the capture for the data of man and wife.Man and wife can try have personal fingerprint, if they To receive Products Show each other.Therefore, fractured operation will check bottom encapsulation of data, identify the compatible cluster of data, and Fingerprint is divided into two fingerprints by the best-guess which data belongs to which spouse.

Version management primitive operation 810: fingerprint develops over time.They receive new bottom data.It Can merge or split.If fingerprint request side wishes to know that fingerprint has current data, version function can be called to report Accuse version number and/or date created.Expired fingerprint can be by calling more new function to be refreshed.In this way, big fingerprint is not required to It to be regenerated from the beginning.More precisely, only needing to add the increment of bottom data.Fingerprint can also be locked in order to avoid more Newly.For example, if fingerprint request side is only authorized to receive fingerprint and continue for some time, locking will help ensure that mistake with the time It goes, the data of fingerprint are less useful since data are outmoded.

Inquire primitive operation 812: fingerprint can be queried.Primitive operation is inquired to execute to the mode for being subjected to being currently set With the inquiry again of the data of the encapsulation of the fingerprint of any other filter.Setting pattern primitive operation is used for by mode selector Set the mode to be used to especially inquire.Setting filter primitive operation can be used for adding the other inquiry item independently of mode Part.Also it can specify other primitive operation to enumerating mode and filter.

Application program 814,816 and 818 is example fingerprint attendant application.Senile dementia (Alzheimer) Application program 814 is described with reference to Fig. 9.Matching application program 816 is described with reference to Figure 10.Fingerprint merges application program with reference to figure 11 are described.

Example safety fingerprint framework service condition

The service condition of security fingerprint framework support wide scope.Here is that some example safety fingerprint frameworks use feelings Condition:

Memory increases

Fig. 9 shows the application program 900 of the fingerprinting service for tracking user behavior.One sample application is for long-term It loses memory or memory impairment patient tracks user behavior to obtain in the future.For example, it is contemplated that patient, cannot such as remember it is many they Past senile dementia patient.This patient can record the event of their life in the event of generation.It is many this Data are personal, and should be limited by privacy settings.But patient may not be able to maintain this set.Therefore, safety Fingerprint can provide solution.

Security fingerprint is generated from fingerprint database.Particularly, fingerprint encapsulates the data from the inquiry to fingerprint database. Note that the amount of data may be big, and regenerating the fingerprint may be very time-consuming.Therefore, memory, which increases, applies journey Sequence can call the version function of version management primitive operation 810 to find out the time of final updating and then execution version pipe Manage the more new function of primitive operation 810.In this way, it is only necessary to inquire the increment between final updating.

When queried, it passes through the query function of inquiry primitive operation 812.Mode selector determines that inquiry fingerprint is asked The identity and selection mode for the side of asking.If inquiry fingerprint request side is patient oneself, all encapsulation of data pass through inquiry behaviour Making 812 setting mode capabilities can be used.If inquiring fingerprint request side is spouse, it is exclusively used in by the way that fingerprint pattern to be set to The relatively small subset of the mode of spouse, the encapsulation of data of the interest based on spouse is available.If inquiring fingerprint request side is care-giver, Then it can also be exclusively used in providing the mode of medical data by setting mode capabilities setting.

Match application program

Figure 10 shows the matching application program using security fingerprint.Matching be introduce compatible (compatible) two or It is more personal.The case where compatibility, can include determining that whether two people are complementary enough for target date, specialized conference, wherein People with similar special interest is matched or its technical ability of service provider needs to be matched according to client.Consider two visitors Family user is close to each other but the case where do not know each other.Matching application program can automatically detect two customer users whether that This compatible degree that may wish to introduce each other to them.

Fingerprint A is stayed in the mobile phone A of customer users A.Fingerprint B is stayed in the mobile phone B of customer users B.Mobile phone A can have Automaticly inspect the application program of compatible close customer users.Particularly, when mobile phone A is close to mobile phone B, it can inquire visitor The fingerprint of family user B.When receiving the fingerprint of customer users B, mobile phone A can run phase according to duplication/identification primitive operation 806 Like property scoring function.If similarity score function is more than predetermined threshold, which can be used inquiry primitive operation 812 inquire the fingerprint of customer users B and the shared data of customer users A by inquiry operation.The application program then can be with Issue the alert messages for the data that filling is returned from inquiry.Since similarity score is had disclosed based on customer users B is greater than Data volume, thus the comparison be more likely to it is more accurate.In addition, alert messages can be customized with given client user A and client User B most it is shared what feature.

Group and single identity from identical security fingerprint

Security fingerprint can represent personal or one group of individual.Figure 11, which shows two spouses, to try to merge in their fingerprint Together the case where.Consider husband try to spend a holiday for their own and its Mate recognition place the case where.However, his personal fingerprint A Only reflect his personal preference.Firstly, husband copies his personal fingerprint using copy/duplication primitive operation 806.Then, User is obtained the fingerprint B of its spouse and is closed the copy of it and his fingerprint A using the pooling function of aggregation primitive operation 808 And.Then the husband obtains alert messages from the advertisement engine in the place that is exclusively used in spending a holiday using combined fingerprint.In this way, advertisement Server can appear one group of vacation that the husband is more likely to purchase, even if the vacation may be with this personal profiles less phase Hold.Therefore, it is different that application program is appeared from the routine based on profile, fingerprinting service application program can illustrate to influence purchase decision Other customer users expectation.

The Secure Fingerprint Authentication enhanced by third party source

Certification is the verifying for the identity that user's matching is declared.In the case where the certification based on profile, as described above, when using The behavior at family is verified when matching security fingerprint to scheduled believability threshold.

However, certification is not necessarily only performed by seeking advice from security fingerprint.There are a kind of third party's data source, the third parties Data source can supplement security fingerprint, but not need to be stored in security fingerprint.For example, the social network sites of user, such as Facebook^TMWebsite may include too huge or redundancy the information about user for security fingerprint.Another example It is that, wherein being recorded by the driving that safety net services user can access, security fingerprint does not need to store the information.However, third Square data source can supplement verification process.Particularly, credible in the case where system compares the behavior of user and security fingerprint The calculating of degree score may comprise steps of: (1) determining the factor that confidence score uses, (2) inquire needle from security fingerprint To the security fingerprint of available factor, (3) identification corresponds to third party's data source of remaining factor, (4) for those it is remaining because Element inquiry third party's data source, (5) are unavailable if not all factors from third party's data source, then report mistake, and (6) if all factors from third party's data source are available, calculate and return confidence score.

Some confidence scores can conditionally use third party's data source.For example, if the first confidence score root It is calculated according to security fingerprint, then only when the first confidence score is not able to satisfy predetermined threshold, utilizes the of third party's data source Two confidence scores can be calculated.In this way, third party's data source may be used to provide the authentication method of substitution.Pass through another example Son, the first confidence score, which can specify, to be come from some subsets of one group of prescription factors and is available to calculate confidence level and to obtain Point.In this way, certification can continue in one or more not available situations of third party's data source.

Third party's data source is also used as the input of the profile of security fingerprint.For example, it may be determined that user's context, example Such as, the position of mobile phone geo-location facility from the user and the date-time read from cell phone clock.Therefore, it is particularly counting It can be stored in profile according to the geo-location of the user of timestamp, and the current context used and security fingerprint pair Than.User's input can come from other input equipments connected by BluetoothTM (bluetooth) or other connection methods.Example Such as, pacemaker or other Medical Devices read can with calculate equipment interconnection and the data are used to be stored in the letter of security fingerprint In shelves.

Third party's data source how to generate business private situation another example is the collections of medical data.Refer to by safety Line, insurance company can verify claimant and be practically at the scene for claiming the accident for having caused injury.By another example, Insurance company or treatment doctor can verify the people for the medical action actually treated or specified, such as glycosuria The non-smoking of a part of sick therapeutic scheme takes insulin and metatrophia.

Based on context aggregation is adjusted

As described above, security fingerprint can be assembled according to target profile, target profile is for such as being tracked by profile One group of value range of interested behavial factor.In this way, individual can be grouped together and be directed, such as so as to wide It accuses.Assemble however, it is possible to be triggered according to condition.Particularly, following steps can be executed: (1) receives target profile, (2) are when wanting Execute aggregation when specified requirements, (3) in the notice that condition of acceptance has been satisfied, (a) query safe profile data storage with The security fingerprint for meeting target profile is found, and (b) gathers the security fingerprint of acquisition in individual security fingerprint.

A kind of application program of condition aggregation, which can be, attends the directional user of football match in gymnasium.The target profile It can be used for host team football football fan, but the football fan for only occurring in gymnasium is assembled.In this way, the security fingerprint of aggregation can be by Orientation is used for the advertisement of football business, and only to being physically located in those of gymnasium (for example, in the stall of gymnasium) people It can use.Another application program can be the condition aggregation of the security fingerprint of family.Target profile can be used for man and wife and Their child.When kinsfolk (may be as determined by the geo-localisation information of the mobile phone from them) closer to each other, The respective security fingerprint of those close kinsfolks is assembled.When those kinsfolks do not reaccees, the security fingerprint By disaggregation (disaggregate).In this way, the security fingerprint of aggregation can be oriented for the wide of kinsfolk closer to each other It accuses or recommends, the interest that such as restaurant recommendation is only oriented in the kinsfolk of that time point together.

The matching based on confidence level during assembling with disaggregation

Security fingerprint can easily be assembled, this is because the combination that aggregation is only the factor of storage (may removal Redundant data).Security fingerprint can also be by easily disaggregation, if some indicators, such as mark, the associated original with instruction The correlate of beginning security fingerprint.

However, security fingerprint needs to be constituted any label of security fingerprint without it by disaggregation sometimes.For example, it is contemplated that all Man and wife with individual security fingerprint.However, two are divorced, and it is expected themselves respective security fingerprint. If the individual security fingerprint is initially generated for man and wife, there is no original husband's security fingerprints and original Wife's security fingerprint.Therefore, two security fingerprints are by must be by identifying one or the other hearistic program (heuristics) It generates.

The aggregation of security fingerprint can also be based on hearistic program.For example, individual can pay first when carrying out honeycomb plan Money.After, individual becomes honeycomb subscriber.There may be the first security fingerprint (in consumption) as payment and as subscription Second security fingerprint of side.Cellco may want to based on two single fingerprints of original fingerprint extraction.Refer to however, combining this The decision of line is based on hearistic program.

Aggregation and disaggregation hearistic program are associated with accurate confidence level.Therefore, the use of security fingerprint can basis The confidence level of hearistic program is conditioned.Particularly, (1) security fingerprint is generated by hearistic program, and (2) correspond to hearistic program Confidence level be associated with the security fingerprint of generation, (3) inquire the security fingerprint of generation, the inquiry and confidence level water Flat association, and (4) obtain the data of inquiry, but if security fingerprint if security fingerprint meets inquiry confidence level It is unsatisfactory for inquiry confidence level, then reports mistake.In this way, can prevent the vacation in the security fingerprint generated by hearistic program can Reliability.For example, can be used for advertisement by the security fingerprint that low confidence level hearistic program generates, but it is not used in certification.

Conclusion

Although with the theme of the language description for structure feature and/or methodology behavior, it is to be understood that, institute The theme limited in attached claim is not necessarily limited to specific features described above or behavior.More precisely, being described above Specific features and behavior be published as implement claim exemplary forms.

Claims

1. a kind of method for generating identity fingerprint, this method comprises:

At least one record, institute are at least obtained from the storage of the data of record based on the profile for corresponding to one or more users State the detailed description that profile includes the record from data storage, and the record and one or more user go through History activity is related；With

At least one described record obtained is converted into one group of user behavior data；With

Identity fingerprint is generated from the one group of user behavior data converted, wherein identity fingerprint generated includes that can select Multiple modes, each mode are associated with from different a group of access limitations so that the identity based on fingerprint request side exposes the conversion One group of user behavior data at least part for inquiring, wherein the fingerprint request side is and one group of use with the conversion The associated one or more of users of family behavioral data different people or entity,

Wherein at least two modes in the multiple modes that can be selected specify one group of user behavior data of the conversion Different subsets, at least two mode in the multiple modes that can be selected are respectively related to different fingerprint request sides Connection.

2. according to the method described in claim 1, wherein the profile further includes closing with one group of user behavior data of the conversion The detailed description of the access restriction of connection, at least part of one group of user behavior data of the access restriction exposure conversion is for looking into It askes.

3. according to the method described in claim 1, wherein the profile enumerates at least one data word section, at least one described number According to field include data field identifier and user whether by the identity fingerprint application query of generation make it is described at least The indicator that one data word section will be exposed.

4. according to the method described in claim 1, wherein in the specified multiple modes that can be selected of the profile at least One mode.

5. according to the method described in claim 1, wherein which kind of data source is the profile specify will be used to that the data to be maintained to deposit Storage.

6. described according to the method described in claim 5, wherein at least one data source includes data source identifier and indicator Indicator indicates whether the user has made the data source that will be used to that the data to be maintained to store.

7. according to the method described in claim 5, will wherein be used to maintain at least one data source described in the data storage It is any one of below or more:

Cellular activity data；With

Honeycomb planning data.

8. according to the method described in claim 1, wherein described generate one group of use that the identity fingerprint includes the compression conversion Family behavioral data.

9. according to the method described in claim 1, wherein generating the identity fingerprint includes one group of user's row for encrypting the conversion For data.

10. a kind of system for one group of data to be selectively presented, the system include:

Processor；

Memory；

The identity fingerprint of storage in the memory, the identity fingerprint include:

One group of user behavior data associated with people,

Multiple modes, the subset of specified this group of user behavior data being exposed of each mode is for inquiring, being licensed for access to One or more identity of the fingerprint request side of the subset of this group of user behavior data and access this group of user behavior number According to the subset one or more limitations；With

Mode selector, the mode selector can operate the multiple to be dynamically selected based on the identity of fingerprint request side A mode in mode, wherein the fingerprint request side be the people different with from the associated people of this group of user behavior data or Entity；With

Primitive operation symbol, the primitive operation symbol are stored in the memory and can be executed by the processor at least The identity fingerprint is received, and is executed any one of below or more:

According to the identity fingerprint generation value；

Convert the identity fingerprint；Or

One or more other identity fingerprints are generated,

Wherein at least two modes in the multiple mode specify the different subsets of this group of user behavior data, the multiple mould At least two mode in formula is respectively associated from different fingerprint request sides.

11. system according to claim 10, which further includes the query engine of storage in the memory,

Wherein the primitive operation symbol is inquiry, the query engine is operated to be based at least partially on the inquiry Obtain at least part of this group of user behavior data of the identity fingerprint.

12. system according to claim 11, wherein the identity fingerprint includes that can operate to limit by the inquiry One or more filters for the data that engine obtains.

13. system according to claim 10, which includes the second identity fingerprint, and the wherein primitive operation symbol It is aggregation operator symbol, enables the processor to operate to create combined identity fingerprint, the combined identity fingerprint packet It includes:

Second group of user behavior data, second group of user behavior data include one group of user's row from the identity fingerprint For data and the not reproducible combination of one group of user behavior data from second identity fingerprint,

Multiple modes, the multiple mode include multiple modes from the identity fingerprint and from the more of the second identity fingerprint The not reproducible combination of a mode, and

Mode selector.

14. system according to claim 10, wherein primitive operation symbol is disaggregation operator, so that the processor It can operate to create the identity fingerprint of at least one disaggregation, the identity fingerprint of at least one disaggregation includes:

Second group of user behavior data, second group of user behavior data include this group of user's row from the identity fingerprint For the subset of data,

At least one mode of the multiple mode from the identity fingerprint, and

Mode selector.

15. system according to claim 10, wherein primitive operation symbol is duplication operator, so that the processor It can operate to create another identity fingerprint, another identity fingerprint includes:

Another group of user behavior data identical with this group of user behavior data,

Another multiple modes identical with the multiple mode, and

Another mode selector.

16. system according to claim 10, wherein the identity fingerprint further include:

The indicator of the version of the identity fingerprint；With

Indicate that the identity fingerprint is the indicator of the difference between complete identity fingerprint or two fingerprints.

17. system according to claim 16, which further includes the first identity fingerprint and the second identity fingerprint, described One identity fingerprint is complete identity fingerprint, and second identity fingerprint is increment,

Wherein the primitive operation symbol is to update operation, enables the processor to operation to create tiers e'tat fingerprint, institute Stating tiers e'tat fingerprint includes:

Second group of user behavior data, second group of user behavior data include one group of user's row from the first identity fingerprint The not reproducible combination of one group of user behavior data for data and from the second identity fingerprint,

Multiple modes, the multiple mode include multiple modes from the first identity fingerprint and from the more of the second identity fingerprint The not reproducible combination of a mode, and

Mode selector.

18. system according to claim 10, wherein primitive operation symbol is locked out operation, enable the processor Enough operations prevent any data in this group of user behavior data obtained.

19. system according to claim 10, which further includes the second identity fingerprint,

Wherein the primitive operation symbol is contrast operation, enables the processor to operation to refer to relative to second identity One group of user behavior data application similarity score in line is operated to this group of user behavior data in the identity fingerprint, phase It is the multiple into the first identity fingerprint for multiple mode application similarity scores operation in second identity fingerprint Mode, and return to similarity score as a result.