| CPC G06F 21/6245 (2013.01) [G06F 21/32 (2013.01)] | 15 Claims |
|
1. A computer-implemented method for managing a sensitive data, wherein each authentication factor in a set of authentication factors has been uniquely assigned a corresponding group from a plurality of groups, wherein each of the groups in the plurality of groups contains one or more secret shares from a plurality of secret shares generated by using a secret sharing scheme, wherein that the method comprises:
a checking step in which a user provides an input, a verification of said input is performed by using an authentication factor from the set of authentication factors to generate a score reflecting a level of confidence of the verification and adding a subset of the one or more secret share(s) of the corresponding group assigned to the authentication factor to a collection, said subset of the one or more secret shares of the corresponding group depending on both said score and a predefined parameter associated with the authentication factor,
a controlling step in which while the collection comprises a number of secret share(s) which is below a threshold, a further authentication factor is elected from the set of authentication factors and a further checking step is executed with the further authentication factor and a further corresponding group of one or more secret shares, and
a generating step in which, once the number of secret shares belonging to the collection has reached the threshold, the sensitive data is built from the secret shares of the collection by applying a predefined algorithm associated with the secret sharing scheme.
|