CPC H04L 63/108 (2013.01) [H04L 63/0876 (2013.01); H04L 63/105 (2013.01)]
20 Claims

1. A method for dynamically enforcing mid-session reauthentication and authorization tuning, the method comprising:
after a session has been authenticated between a user device and a secure service, continuously monitoring the authenticated session for one or more risk events;
receiving a communication at an authentication service, wherein the communication is indicative of a change in a security posture of the authenticated session between the user device and the secure service, wherein the communication is based on a determination that the one or more risk events were detected during the continuous monitoring;
determining based on the communication indicating the change in the security posture of the authenticated session that a trust level associated with the user device is below a trust threshold; and
sending an enforcement signal to a security agent, wherein the enforcement signal corresponds to a remedial action to be taken with respect to the change in the security posture of the authenticated session, wherein the remedial action includes at least reauthentication of the authentication session, and wherein the reauthentication is associated with at least the trust level.