| CPC H04L 63/0876 (2013.01) [H04L 63/0838 (2013.01); H04L 63/0853 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |

|
1. A non-transitory, computer-readable storage medium storing instructions that, when executed by a processor, perform actions comprising:
associating, with an enrolled device during a device enrollment process, authentication credentials of the enrolled device and metadata of the enrolled device, wherein the metadata of the enrolled device comprises one or more infrequently changing characteristics of the enrolled device;
obtaining, based on an access request received from a second device, an authentication token generated using the authentication credentials of the enrolled device and metadata of the second device;
identifying, based on a comparison of the metadata of the enrolled device to the metadata of the second device, one or more metadata anomalies, wherein a metadata anomaly corresponds to a discrepancy between a device metadata value in the metadata of the enrolled device and a device metadata value in the metadata of the second device;
determining, based on the one or more metadata anomalies, a risk level associated with the second device; and
denying, based on determining that the authentication token is valid, based on the comparison of the metadata of the enrolled device to the metadata of the second device, and based on the risk level associated with the second device, the access request received from the second device.
|
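An added example, not taken from the patent or any implementation of it: a minimal Python sketch of the flow claim 1 recites, where a request carrying a valid token is still denied because the sender's metadata differs from what was enrolled. The HMAC token construction, the metadata keys, the weights, the threshold and all names are assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

# Assumed weights for "infrequently changing" characteristics (illustrative only).
WEIGHTS = {"hardware_model": 3, "os_family": 3, "cpu_arch": 2, "screen_resolution": 1}
DENY_AT = 3    # assumed threshold: summed anomaly weight at or above this is high risk
ENROLLED = {}  # device_id -> {"secret": bytes, "metadata": dict}

def enroll(device_id, metadata):
    """Associate credentials and metadata with the device at enrollment."""
    secret = secrets.token_bytes(32)
    ENROLLED[device_id] = {"secret": secret, "metadata": dict(metadata)}
    return secret

def make_token(secret, metadata):
    """Client side: token derived from the credentials and the sender's metadata."""
    body = json.dumps(metadata, sort_keys=True).encode()
    return hmac.new(secret, body, hashlib.sha256).hexdigest()

def find_anomalies(enrolled_md, presented_md):
    """Keys whose values differ between enrollment and this request."""
    return sorted(k for k in WEIGHTS if enrolled_md.get(k) != presented_md.get(k))

def risk_level(anomalies):
    score = sum(WEIGHTS[k] for k in anomalies)
    return "high" if score >= DENY_AT else "low" if score == 0 else "medium"

def evaluate(device_id, presented_md, token):
    """Server side: validate the token, compare metadata, then decide."""
    record = ENROLLED.get(device_id)
    if record is None:
        return {"decision": "deny", "reason": "unknown device"}
    if not hmac.compare_digest(make_token(record["secret"], presented_md), token):
        return {"decision": "deny", "reason": "invalid token"}
    anomalies = find_anomalies(record["metadata"], presented_md)
    level = risk_level(anomalies)  # a valid token alone is not enough to allow
    return {"decision": "deny" if level == "high" else "allow",
            "reason": "risk " + level, "anomalies": anomalies}

# Constructed sample data: the enrolled laptop and a second device reusing its credentials.
LAPTOP = {"hardware_model": "ExampleBook 14", "os_family": "Linux",
          "cpu_arch": "x86_64", "screen_resolution": "1920x1080"}
OTHER = dict(LAPTOP, hardware_model="ExamplePhone 7", os_family="Android")

def demo():
    secret = enroll("laptop-01", LAPTOP)
    same = evaluate("laptop-01", LAPTOP, make_token(secret, LAPTOP))
    second = evaluate("laptop-01", OTHER, make_token(secret, OTHER))
    return same["decision"], second["decision"], second["anomalies"]

if __name__ == "__main__":
    print(demo())
```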