US 11,057,362 B2
Adaptive selection of authentication schemes in MFA
Murali Krishna Segu, Hyderabad (IN); and Venkata Swamy Karukuri, Hyderabad (IN)
Assigned to CA, Inc., New York, NY (US)
Filed by CA, Inc., New York, NY (US)
Filed on Oct. 5, 2017, as Appl. No. 15/725,536.
Prior Publication US 2019/0109833 A1, Apr. 11, 2019
Int. Cl. H04L 29/06 (2006.01)
CPC H04L 63/08 (2013.01) [H04L 63/10 (2013.01); H04L 63/205 (2013.01); H04L 2463/082 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A method comprising:
receiving a request from a user to access a resource of a network;
determining whether the resource is protected;
in response to determining that the resource is protected, generating, based on evaluation of a plurality parameters of the resource, a dynamic authentication chain comprising a plurality of authentication schemes arranged in a particular order;
wherein the plurality of authentication schemes and the particular order are dynamically selected as the dynamic authentication chain is being generated;
challenging the user with the dynamic authentication chain in a single login;
receiving a set of credentials from the user based at least in part on the particular order of the dynamic authentication chain in response to the single login request;
determining whether the set of credentials satisfies the dynamic authentication chain;
authenticating the user in response to determining that the set of credentials satisfies the dynamic authentication chain;
adapting to re-challenge the user with a stronger authentication scheme when a highly protected resource is being accessed; and
analyzing criteria for failure and re-challenging the user in response to determining that the set of credentials fails to satisfy the dynamic authentication chain.