| 摘要 |
<p>A system for authenticating a requesting entity for access to a controlled resource using one or more authentication factors communicated electronically regarding a security account record in an access authentication component (11). Each record being retrievable based on a unique identifier associated with the requesting entity (30) and a public key of a respective public-private key pair of the requesting entity. The requesting entity originates a digitally signed electronic message including an access request and the unique identifier. The access authentication component (34) retrieves the public key by using the unique identifier to authenticate the electronic message. An access authentication signal can be used for granting access to the requesting entity. The message authentication can include authenticating a security profile of a device and one or more types of verification data of the requesting entity and combinations thereof (24). Business rule can be established to require a reconfirmation of the security profile or resubmission of the verification status or a new/different verification status for a new transaction during a session or following a perset session expiration period.</p> |
