Identity security and containment based on detected threat events
US9769209B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 4, 2016 |
| Grant date | Sep 19, 2017 |
| Priority date | — |
| Expiry date | Mar 4, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/082
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An alert source issues security alerts to an identity provider, which acts as a gatekeeper to a secure resource. Each security alert is associated with an alert user identity and a security threat. When a user identity requests access to the secure resource, the identity provider may look up security alerts associated with the user identity, such as my matching up the user identity with the alert user identity associated with each alert. Based on any discovered security alerts that correspond to the user identity and a pre-defined security policy, the identity provider may perform various security actions on the user identity. For example, the identity provider may contain a user identity associated with high-risk and/or high fidelity security alerts. The identity provider may deny the user identity access to the secure resource, or the identity provider may request additional authentication factors associated with the user identity before access to the secure resource is provided. The identity provider may provide access to the secure resource without containing the user identity if there are no discovered security alerts associated with the user identity, or if the discovered sec…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.