Method and apparatus for object security session validation

摘要

According to one embodiment, an apparatus may store a plurality of token-based rules. A token-based rule may facilitate access to a resource. The apparatus may further store a plurality of tokens. The plurality of tokens may include a session token associated with access to the resource by a device. The apparatus may receive a first token indicating that an alarm associated with the device has been triggered. The apparatus may determine, based at least in part upon at least one token-based rule from the plurality of token-based rules, that access to the resource should be terminated in response to receiving the first token and terminate the session token in response to the determination that access to the resource should be terminated.

主权项

1. An apparatus comprising:
a memory operable to:
store a plurality of token-based rules, wherein a token-based rule facilitates access to a resource by a device associated with a user, wherein access to the resource is based at least in part upon:
a numeric assurance level whose value is based at least in part upon a form of authentication performed by the user;a numeric trust level whose value is based at least in part upon a form of security provided by the resource; anda numeric risk level;store a plurality of tokens, wherein the plurality of tokens includes a risk token and a session token associated with access to the resource, wherein:
access to the resource is granted based at least in part upon the numeric assurance level, the numeric trust level, and the numeric risk level;the device is further associated with at least one of a car and a home; andthe numeric risk level is based at least in part upon the risk token; and a processor communicatively coupled to the memory and operable to:
receive a first token indicating that at least one of a car alarm and a home alarm associated with the device has been triggered;determine that the numeric risk level has changed in response to receiving the first token;in response to the determination that the numeric risk level has changed, determine, based at least in part upon at least one token-based rule from the plurality of token-based rules, the numeric assurance level, the numeric trust level, and the numeric risk level, that access to the resource should be terminated in response to receiving the first token;terminate the session token in response to the determination that access to the resource should be terminated;receive a second token indicating that the at least one of the car alarm and home alarm has been resolved;determine that the numeric risk level has changed in response to receiving the second token;determine, based at least in part upon the at least one token-based rule, the numeric assurance level, the numeric trust level, and the numeric risk level, that access to the resource should be reestablished;generate a first decision token indicating that access to the resource should be reestablished in response to the determination that access to the resource should be reestablished; andtransmit the first decision token.