METHOD AND APPARATUS FOR ACCESS AUTHENTICATION ENTITY

摘要

A system for authenticating a requesting entity for access to a controlled resource using one or more authentication factors communicated electronicall y regarding a security account record in an access authentication component (11). Each record being retrievable based on a unique identifier associated with the requesting entity (30) and a public key of a respective public- private key pair of the requesting entity. The requesting entity originates a digitally signed electronic message including an access request and the uniq ue identifier. The access authentication component (34) retrieves the public ke y by using the unique identifier to authenticate the electronic message. An access authentication signal can be used for granting access to the requesti ng entity. The message authentication can include authenticating a security profile of a device and one or more types of verification data of the requesting entity and combinations thereof (24). Business rule can be established to require a reconfirmation of the security profile or resubmission of the verification status or a new/different verification stat us for a new transaction during a session or following a perset session expiration period.