Title of invention: Using trusted communication channel to combat user name/password theft
Abstract: A technique for defining a system with enhanced trust is disclosed, in which an immediate contact is made with the user on the enhanced trust system when a compromise is first detected, e.g. when there is a second log in attempt from another location. Using these communications channels, the service can often contact the compromised user and ask for confirmation of the results, i.e. to change password or login, from a reduced trust machine. As a result, even if an attacker steals a password, the true user on the enhanced trust machine is able to preclude a login or preclude a password change. In each case, if the user of the enhanced trust machine does not respond within some short period of time, then a less trusted machine can be allowed to proceed. The invention comprehends two definitions of an enhanced trust machine. In a first embodiment of the invention, an enhanced trust machine is a machine where the user is currently logged in at the time that the second, less trusted machine attempts a login. A second embodiment of the invention comprehends an enhanced trust machine where the user has logged in repeatedly over a course of numerous weeks, as compared with a lesser trusted machine that the user has never logged into before and which is now asking for a change of the password. In this case, the system may or may not find the less trusted machine to be just that based on actions that are experientially inconsistent with what is expected.
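Application publication number: US2004123158(A1) Application publication date: 2004.06.24
Application number: US20020323230 Filing date: 2002.12.18
Applicant: ROSKIND JAMES Inventor: ROSKIND JAMES
Classification: G06F21/00;H04L29/06;(IPC1-7):H04L9/32 Main classification: G06F21/00
Agency: Agent:
Principal claim:
Address: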
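The arbitration the abstract describes can be sketched as follows. This is an added example, not code from the patent or its applicant. The names `Account` and `decide`, the timeout and the repeat-login thresholds are assumptions; the abstract gives no concrete values and does not say what happens when no enhanced trust machine exists.

```python
from dataclasses import dataclass, field

# Assumed values: the abstract says only "some short period of time" and
# "logged in repeatedly over a course of numerous weeks".
CONFIRM_TIMEOUT = 120          # seconds to wait for the trusted user's answer
REPEAT_LOGINS = 5              # minimum logins seen from a machine
REPEAT_SPAN = 21 * 86400       # those logins must span at least three weeks

@dataclass
class Account:
    active: set = field(default_factory=set)     # machines with a live session
    history: dict = field(default_factory=dict)  # machine -> login timestamps

    def is_enhanced(self, machine):
        """Enhanced trust under either embodiment described in the abstract."""
        if machine in self.active:               # first embodiment
            return True
        seen = self.history.get(machine, [])     # second embodiment
        return len(seen) >= REPEAT_LOGINS and max(seen) - min(seen) >= REPEAT_SPAN

    def trusted_peers(self, requester):
        """Enhanced-trust machines, other than the requester, that can be asked."""
        known = self.active | set(self.history)
        return {m for m in known if m != requester and self.is_enhanced(m)}

def decide(account, requester, asked_at, now, reply=None):
    """Arbitrate a login or password change requested from `requester`.

    reply is the trusted user's answer received so far: None, "approve" or
    "reject". Returns "allow", "deny" or "pending".
    """
    if account.is_enhanced(requester):
        return "allow"
    if not account.trusted_peers(requester):
        return "allow"   # assumption: nobody to ask, so plain password auth applies
    if reply == "reject":
        return "deny"    # the true user precludes the login or password change
    if reply == "approve":
        return "allow"
    if now - asked_at >= CONFIRM_TIMEOUT:
        return "allow"   # no answer in time: the less trusted machine proceeds
    return "pending"
```

The timeout branch fails open, as the abstract specifies, so the confirmation step protects only a user who is present on the enhanced trust machine to answer it.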