| 发明名称 |
Continuous Authentication, and Methods, Systems, and Software Therefor |
| 摘要 |
Controlling a registered-user session of a registered user on a device using first and second authentication processes and a handoff from the first process to the second process. In one embodiment, the first authentication process is a stronger process performed at the outset of a session, and the second authentication process is a weaker process iteratively performed during the session. The stronger authentication process may require cooperation from the user, while the weaker authentication process is preferably one that requires little or no user cooperation. In other embodiments, a strong authentication process may be iteratively performed during the session. |
| 申请公布号 |
US2014250523(A1) |
申请公布日期 |
2014.09.04 |
| 申请号 |
US201314052200 |
申请日期 |
2013.10.11 |
| 申请人 |
Carnegie Mellon University |
发明人 |
Savvides Marios;Jaech Aaron |
| 分类号 |
G06F21/32;G06F21/36 |
主分类号 |
G06F21/32 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of controlling a registered-user session of a registered user, wherein the registered-user session is conducted on a device, the method being performed by an authentication system and comprising:
performing a first authentication process so as to authenticate the registered user, wherein the first authentication process has a first basis and includes:
receiving first identifying data associated with the registered user; andcomparing the first identifying data to first authenticated data so as to determine whether a match exists between the first identifying data and the first authenticated data; and if a match is determined to exist based on said comparing, then:
handing off authentication to a second authentication process having a second basis different from the first basis;iteratively generating an authentication status indicating whether or not the registered user remains present at the device; andcontrolling the session as a function of the authentication status. |
| 地址 |
Pittsburgh PA US |
