Adaptive strike count policy

摘要

An adaptive strike count management is implemented for securing resources. The method authorizes access to a resource if a security credential matches pre-stored security data. However, when the security credential does not match the pre-stored security data, the adaptive strike count management method denies access to the resource; assesses the risk level based on the security credential; increments a strike counter by a predetermined value based on the risk level; and disables further access attempts to the resource if the strike counter exceeds a threshold. The strike counter is incremented by a first value when the risk level is assessed to be a first level, a second value when the risk level is assessed to be a second level, and a third value when the risk level is assessed to be a third level.

主权项

1. An adaptive strike count management method for securing resources, comprising:
receiving a security credential; comparing the security credential with a pre-stored security data securing a resource; authorizing access to the resource when the security credential matches the pre-stored security data; and when the security credential does not match the pre-stored security data: denying access to the resource; determining a risk level based on the security credential; incrementing a strike counter by a predetermined value based on the risk level; and disabling subsequent access attempts to the resource when the strike counter satisfies a threshold, wherein incrementing the strike counter further comprises incrementing the strike counter by a first value when the risk level is determined to be a first level and a second value when the risk level is determined to be a second level, wherein the first value is different than the second value, and wherein determining the risk level comprises determining the risk level to be the second level when access is attempted from a device different from a device previously used to successfully access the resource.