Transparent adaptive authentication and transaction monitoring

摘要

Enhanced security processes are integrated into online service provider workflow activities in a transparent fashion with little or no impact on the servers. Enhanced security processes may include adaptive authentication and transaction monitoring. The enhanced security processes are partially implemented in a network device, such as a network communication device, a firewall, or a load balancing system, or a separate security device, rather than being implemented in the server systems hosting on-line websites. With such an arrangement, server software is minimally modified or rewritten, and third party software, such as security applications, remains in operation.

主权项

1. A method of adding increased security to communications exchanged between a server and a client device, comprising:
receiving an intercepted and re-routed communication between the server and the client device, the communication having an intended recipient; storing the re-routed communication in a memory, and communicating with the client device requesting additional security information; performing a security operation including the additional security information and generating a security decision; sending the stored communication to the intended recipient when the security decision indicates that it is safe to continue; and preventing the stored communication from being sent when the security decision indicates that it is not safe to continue, wherein receiving the intercepted and re-routed communication further comprises (1) determining whether the re-routed communication requires increased security, (2) transmitting a call to a security analysis device including information related to the intercepted communication, for generating a step-up security decision when the re-routed communication requires increased security, and (3) transmitting a challenge to the client when the step-up security decision indicates that a step-up security procedure is indicated, and wherein performing the security operation including the additional security information and generating a security decision further includes receiving a response to the challenge from the client and comparing the response to information in the memory to determine confirmation, and wherein determining whether the re-routed communication requires increased security includes determining whether the communication from the server is a communication allowing access to a resource to the client.