Method and system for authentication by defining a demanded level of security

摘要

A computer-implemented method for authentication involves defining a level of trust required for access to a resource independently of any particular authentication mechanism or instance, determining levels of trust associated with a plurality of authentication instances, and selecting and combining two or more of the authentication instances to meet or exceed the required level of trust.

主权项

1. A computer-implemented method for authentication of a client device to a server, the method comprising:
using one or more computer processors to perform the operations of: determining a demanded level of security for a resource on the server, wherein the demanded level of security is independent of any particular authentication instance and defines level of trust necessary to allow access to the resource on the server; determining, for each of a plurality of authentication instances, an associated server level of trust; determining which of the plurality of authentication instances are available on the client device; selecting at least two authentication instances from the plurality of authentication instances determined to be available on the client device based upon a determination that the combined level of trust associated with the at least two selected authentication instances meets or exceeds the determined demanded level of security for access to the resource on the server, wherein one or more combining operators are utilized to combine authentication instances; and sending a request to the server to utilize the resource, the request comprising information verifying that the computer-implemented client has successfully authenticated utilizing the selected combination of authentication instances, wherein the authentication instances are associated to a reputation which evolves based on a collection of previous experiences associated with determining the server level of trust in the authentication instances.