US 12,218,949 B2
Risk-aware access control system and related methods
Andrew James Malton, Waterloo (CA); Andrew Eric Walenstein, Issaquah, WA (US); Jinxin Liu, Ottawa (CA); Burak Kantarci, Ottawa (CA); Melike Erol Kantarci, Ottawa (CA); and Murat Simsek, Ottawa (CA)
Assigned to BlackBerry Limited, Waterloo (CA)
Filed by BlackBerry Limited, Waterloo (CA)
Filed on Dec. 6, 2023, as Appl. No. 18/530,793.
Application 18/530,793 is a continuation of application No. 17/129,334, filed on Dec. 21, 2020, granted, now 11,888,857.
Prior Publication US 2024/0121244 A1, Apr. 11, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/31 (2013.01)
CPC H04L 63/105 (2013.01) [G06F 21/31 (2013.01); H04L 63/205 (2013.01); G06F 2221/2103 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method of risk-aware access control performed by a system comprising a hardware processor, the method comprising:
detecting a request to perform an action, the requested action being associated with respect to a plurality of factors of different types;
determining a risk level from at least one relationship between two factors, the two factors being of different factor types associated with the requested action, the at least one relationship reflecting an unusualness of a co-occurrence of the two factors of the different factor types for the requested action; and
denying, by the system, the requested action based on a determination that the risk level does not satisfy a security policy.