Adaptive authentication solution that rewards almost correct passwords and that simulates access for incorrect passwords

Assignee

• International Business Machines Corporation · US

Inventors

• Subil M. Abraham · Plano, US
• Lee A. Carbonell · Flower Mound, US
• Tsz S. Cheng · Grand Prairie, US
• Mathews Thomas · Flower Mound, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/55
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

In the invention, incorrect authentication information for accessing at least one secured computing asset can be received. A similarity score between the incorrect authentication information and correct authentication information can be determined. One of many different access levels can be assigned to a computing session based upon the similarity score. Access consistent with the assigned access level can be granted. One access level can be an emulation access level that grants access to at least one simulated asset designed to mimic the secured asset. Access to the simulated asset can be provided in a fashion so that a user, who is likely an intruder, is unaware that they are not receiving the secured asset information. A tracking action can be optionally initiated against the intruder. Further, user behavior with the simulated session or a limited access session can be compared against a behavior profile to dynamically increase or decrease session permissions.