Method and apparatus for multi-factor authentication system

By adjusting the confidence scores of authentication factors in a multi-factor authentication system and applying an uncertainty model, fair integration of authentication factors in the multi-factor authentication system is achieved, solving the problem of inaccurate decision-making in existing technologies and improving the accuracy and efficiency of authentication in IoT applications.

CN116457781BActive Publication Date: 2026-07-14HUAWEI TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
HUAWEI TECH CO LTD
Filing Date
2020-11-16
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

Existing multi-factor authentication systems suffer from inaccuracies and inefficiencies in identity verification, especially when using multiple authentication factors, resulting in a high error rate and an inability to fairly integrate different types of authentication factors, leading to inaccurate authentication decisions.

Method used

By adjusting the confidence score of each authentication factor, pessimistic and optimistic uncertainty models are applied to generate pessimistic and optimistic certainty scores for identity, and then averaged to achieve fair integration of authentication factors in a multi-factor authentication system.

Benefits of technology

It improves the decision-making accuracy of multi-factor authentication systems, reduces the erroneous decision rate, and is suitable for mixing different categories of authentication factors, especially improving the efficiency and accuracy of authentication in IoT applications.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116457781B_ABST
    Figure CN116457781B_ABST
Patent Text Reader

Abstract

A method of implementing error minimization factor fusion in an automated multi-factor authentication system is provided. The method includes, for each authentication factor, receiving an identity of a principal of an authentication request assigned to the authentication system. The method also includes, for each authentication factor: adjusting a confidence score of the identity based on an authentication factor-specific trust score, resulting in an adjusted confidence score value less than one and having a corresponding uncertainty value; applying a pessimistic uncertainty model to the adjusted confidence score to generate a pessimistic certainty score for each identity; applying an optimistic uncertainty model to the adjusted confidence score to generate an optimistic certainty score for each identity, wherein the optimistic uncertainty model assigns a portion of the uncertainty value to the most likely identity based on the authentication factor. The method also includes, for each identity, averaging between the pessimistic certainty score and the optimistic certainty score for the identity to generate an average confidence score for each identity.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention generally relates to the field of automated multi-factor authentication systems. Background Technology

[0002] In recent decades, multi-factor authentication systems have become increasingly popular in several fields requiring data security, such as social networks, Internet of Things (IoT) applications, banking services, and e-commerce applications, where authentication technologies are employed to prevent potential breaches. Multi-factor authentication systems determine an entity's identity by evaluating authentication factors presented in an authentication request submitted on behalf of the entity. Typically, such systems require multiple authentication factors (i.e., multiple credentials from the entity) to accurately authenticate the entity's identity. For example, multi-factor authentication systems can use fingerprints and digital passwords for authentication.

[0003] However, existing authentication techniques in current multi-factor authentication systems have several limitations. First, when using more than two authentication factors, existing techniques are inaccurate and inefficient in correctly verifying the identity of an entity. For example, when a multi-factor authentication system is applied to a given IoT application, the error rate of decision-making is high as one or more authentication factors are added or removed over time. Typically, existing authentication systems are designed based on one or more authentication factors of a specific type. This design is based on hard-wired techniques and algorithms and is used only for one or more specific authentication purposes. Second, existing authentication techniques are not suitable for supporting a mixture of different types (i.e., categories) of authentication factors when verifying the identity of an entity (e.g., a mixture of binary and biometric authentication factors). For example, when authenticating an entity, if one authentication factor has a 100% confidence score, that factor is superior to others, leading to unfair fusion of multiple authentication factors in the multi-factor authentication system. Therefore, decisions based on inefficient authentication using such unfair factor fusion are inaccurate and have a high error rate.

[0004] Existing authentication techniques in multi-factor authentication systems do not support fair factor fusion, leading to inaccurate decisions in real-world applications such as IoT. In one example, a veto-vote authentication technique based on exact matching among all authentication factors is currently used in authentication systems with low or zero false rejection rates. However, this technique is prone to extreme error rates, which increase with the addition of more authentication factors. In another example, Bayesian network authentication techniques based on weighted joint probability distributions are currently used in authentication systems with low uncertainty and well-defined factor dependencies. However, this technique is based on static empirical data, is only suitable for certain authentication purposes, and is prone to quality degradation under changing conditions. In yet another example, a weighted-vote authentication technique based on the sum of authentication confidence scores multiplied by source weights is used in authentication systems with the same type of dependent authentication factors (e.g., replication for reliability and denoising). However, this technique has a coarse weight distribution, biases, blind spots (i.e., overweighting), does not track changes, and is sensitive to misconfiguration. In yet another example, a subjective logic authentication technique based on complex probabilistic models of trust, uncertainty, and distrust is used in authentication systems with well-defined uncertainty measurements. However, this technology is limited in use because existing sensors do not support inputs based on trust, uncertainty, and distrust. Furthermore, this technology is only optimized for two authentication factors. In another example, custom artificial intelligence (AI) authentication technology based on machine learning algorithms is used in authentication systems with large amounts of experience data and requires significant computing resources. However, this technology is hard-coded, prone to high latency and heavy load (therefore unsuitable for applications such as IoT), and requires extensive training and retraining.

[0005] Therefore, based on the above discussion, it is necessary to overcome the aforementioned drawbacks associated with existing authentication technologies in existing multi-factor authentication systems. Summary of the Invention

[0006] This invention aims to provide embodiments of a method and apparatus for error-minimizing factor fusion in an automated multi-factor authentication system. The invention aims to provide a solution to the following existing problems: support for only a limited number and specific types of one or more authentication factors and / or one or more specific authentication purposes; unfair fusion of different types of authentication factors associated with existing authentication technologies, which further leads to inaccurate decisions. The object of this invention is to provide a solution that at least partially overcomes the problems encountered in the prior art, and to provide a method and apparatus that are efficient, accurate, and reliable in performing authentication by achieving fair fusion of multiple authentication factors in a multi-factor authentication system.

[0007] The object of this invention is achieved by the solutions provided in the appended independent claims. Advantageous embodiments of the invention are further defined in the dependent claims.

[0008] In a first aspect, the present invention provides a method for an automated multi-factor authentication system. The method includes: for each of at least two authentication factors, receiving an identity of a subject requesting authentication for the corresponding authentication factor, the identity having an associated confidence score or an absolute identity with an implicit confidence score of 1. The method further includes, for each authentication factor: adjusting the confidence score of the identity assigned to the authentication factor based on an authentication factor-specific trust score reflecting the reliability of the corresponding authentication factor, to obtain an adjusted confidence score value less than 1, each adjusted confidence score having a corresponding uncertainty value, i.e., 1 minus the adjusted confidence score value; applying a pessimistic uncertainty model to the adjusted confidence scores to generate a pessimistic certainty score for each identity; and applying an optimistic uncertainty model to the adjusted confidence scores, the optimistic uncertainty model allocating a portion of the uncertainty value to the identity considered most likely based on the authentication factor to generate an optimistic certainty score for each identity. The method then includes, for each identity, averaging between the pessimistic certainty score and the optimistic certainty score of the identity to generate an average confidence score for each identity.

[0009] The method provides a fair fusion of multiple authentication factors. Here, the confidence score of the identity is adjusted based on the specific trust score of the authentication factor to promote fair and efficient fusion of authentication factors. In this case, the decision accuracy of the multi-factor authentication system is improved, and when applied to multiple application domains (such as IoT applications), this system can reduce the erroneous decision rate. The method is well-suited for supporting the mixing of different categories of authentication factors (specifically, a mixture of binary authentication factors and biometric authentication factors) when authenticating the identity of a subject. The method is not limited to any particular number or type of one or more authentication factors and / or one or more specific authentication purposes, and can be reliably used in real-world applications (e.g., IoT-based applications).

[0010] In a first possible implementation of the first aspect, each of the at least two authentication factors is used to authenticate any one of a plurality of identities.

[0011] By using each of at least two authentication factors in this manner, the subject's identity is accurately authenticated as a known identity from among multiple identities.

[0012] In a second possible implementation of the first implementation, each of the at least two authentication factors is further used to identify the subject as an unknown identity that is different from each of the plurality of identities.

[0013] In a third possible implementation of the second implementation, the optimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P optimistic (w i |m j ):

[0014] IF identity i =m j :

[0015]

[0016] ELSE:

[0017]

[0018] Unknown identity:

[0019] For each identity m j Calculate the identity probability P optimistic (m j |{w i}):

[0020]

[0021] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0022] By employing an optimistic uncertainty model, the uncertainty value of each adjusted confidence score is effectively solved to obtain the realistic maximum bound of the uncertainty value. This maximum bound can estimate the true real-world value of the confidence score.

[0023] In a fourth possible implementation of the second or third implementation, the pessimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w.i It is a pair of observed identities and adjusted confidence levels, and for each observation wi and each identity m j Calculate P pessimistic (w i |m j ):

[0024] IF identity i =m j :

[0025] P pessimistic (w i |m j ) = Accuracy i

[0026] ELSE:

[0027]

[0028] Unknown identity:

[0029]

[0030] For each identity m j Calculate the identity probability P pessimistic (m j |{w i}):

[0031]

[0032] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0033] By employing a pessimistic uncertainty model, the uncertainty value of each adjusted confidence score is efficiently solved to obtain the realistic minimum boundary of the uncertainty value. This minimum boundary can estimate the true real-world value of the confidence score.

[0034] In a fifth possible implementation of the third implementation, the averaging is performed by calculating the average of the pessimistic certainty score and the optimistic certainty score for each identity mj:

[0035] By averaging, the best estimate of the true confidence score for each identity is obtained, since the true confidence score for each identity lies between the pessimistic certainty score and the optimistic certainty score for each identity.

[0036] In the sixth possible implementation of the first aspect itself, or according to any one of the first to fifth implementations, one or more of the at least two authentication factors are biometric authentication factors.

[0037] Biometric authentication factors are based on the inherent biological attributes of the subject, thus enabling accurate authentication of the subject.

[0038] In a seventh possible implementation of the sixth implementation, one or more of the at least two authentication factors are binary authentication factors.

[0039] Binary authentication factors are deterministic in nature and leave no ambiguity in the authentication process.

[0040] In an eighth possible implementation of the sixth or seventh implementation, the specific trust score of the biometric authentication factor is related to the deception acceptance rate and the imposter acceptance rate of the biometric authentication factor.

[0041] By considering the spoofing acceptance rate and impersonation acceptance rate of biometric authentication factors, an authentication factor-specific trust score is calculated for each authentication factor, thereby improving the accuracy of trust score calculation and subsequently improving the authentication accuracy of the multi-factor authentication system.

[0042] In a ninth possible implementation, based on the first aspect itself or any of the first to eighth implementations, the authentication factor-specific trust score of the authentication factor is related to the false acceptance rate of the authentication factor.

[0043] By considering the false acceptance rate of the authentication factor-specific trust score for each authentication factor, the accuracy of trust score calculation is improved, which in turn improves the authentication accuracy of the multi-factor authentication system.

[0044] According to the first aspect itself or any of the first to ninth implementations, in the tenth possible implementation, the authentication factor-specific trust score of the authentication factor is the product of the system security score, which is a measure of the strength and degree of protection of various aspects of the authentication system.

[0045] By taking into account the system security score used to calculate the authentication factor-specific trust score for each authentication factor, the accuracy of trust score calculation is improved, which in turn improves the authentication accuracy of the multi-factor authentication system.

[0046] In the eleventh possible implementation of the tenth implementation, the aspects of the authentication system that measure strength and level of protection include one or more of the following:

[0047] Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.

[0048] When the system security score is calculated by considering various aspects of the multi-factor authentication system, the system security score can be accurately estimated, which improves the accuracy of trust score calculation and authentication in the multi-factor authentication system.

[0049] In a second aspect, the present invention provides an apparatus comprising one or more processors and one or more computer-readable hardware storage devices storing computer-executable instructions executable by the one or more processors. The computer-executable instructions cause the apparatus to: for each of at least two authentication factors, receive an identity assigned to a subject making an authentication request for that authentication factor, the identity having an associated confidence score or an absolute identity having an implicit confidence score of 1. Furthermore, the computer-executable instructions cause the apparatus to: for each authentication factor, adjust the confidence score of the identity based on an authentication factor-specific trust score reflecting the reliability of the corresponding authentication factor to obtain an adjusted confidence score value less than 1, each adjusted confidence score having a corresponding uncertainty value, i.e., 1 minus the adjusted confidence score value; apply a pessimistic uncertainty model to the adjusted confidence score to generate a pessimistic certainty score for each identity; and apply an optimistic uncertainty model to the adjusted confidence score, the optimistic uncertainty model allocating a portion of the uncertainty value for each authentication factor to the identity considered most likely based on the authentication factor to generate an optimistic certainty score for each identity. Subsequently, the computer-executable instructions cause the device to, for each identity, average between the pessimistic certainty score and the optimistic certainty score of the identity to generate an average confidence score for each identity.

[0050] The apparatus of this aspect achieves all the advantages and effects of the method of the present invention. The apparatus can be easily implemented and used in a multi-factor authentication system.

[0051] In a first possible implementation of the second aspect, one or more of the at least two authentication factors are biometric authentication factors.

[0052] In a second possible implementation of the first implementation of the second aspect, one or more of the at least two authentication factors are binary authentication factors.

[0053] In a third possible implementation of the first or second implementation of the second aspect, the biometric authentication factor's specific trust score is related to the biometric authentication factor's deception acceptance rate and imposter acceptance rate.

[0054] In a fourth possible implementation, based on the second aspect itself or any of the first to third implementations of the second aspect, each of the at least two authentication factors is used to authenticate any one of the multiple identities.

[0055] In a fifth possible implementation of the fourth implementation of the second aspect, each of the at least two authentication factors is further used to identify the subject as an unknown identity different from each of the plurality of identities.

[0056] In a sixth possible implementation of the fifth implementation of the second aspect, the optimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation wi and each identity m j Calculate P optimistic (w i |m j ):

[0057] IF identity i =m i :

[0058]

[0059] ELSE:

[0060]

[0061] Unknown identity:

[0062]

[0063] For each identity m j Calculate the identity probability P optimistic (m j |{w i}):

[0064]

[0065] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subjectj The adjusted confidence score.

[0066] In a seventh possible implementation of the fifth or sixth implementation of the second aspect, the pessimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P pessimistic (w i |m j ):

[0067] IF identity i =m j :

[0068] P pessimistic (w i |m j ) = Accuracy i

[0069] ELSE:

[0070]

[0071] Unknown identity:

[0072]

[0073] For each identity m j Calculate the identity probability P pessimistic (m j |{w i}):

[0074]

[0075] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0076] In an eighth possible implementation of the sixth implementation of the second aspect, the averaging is performed for each identity m j This is performed by calculating the average of the pessimistic certainty score and the optimistic certainty score:

[0077]

[0078] In a ninth possible implementation, based on the second aspect itself or any of the first to eighth implementations of the second aspect, the authentication factor-specific trust score of the authentication factor is related to the false acceptance rate of the authentication factor.

[0079] According to the second aspect itself or any of the first to ninth implementations of the second aspect, in the tenth possible implementation, the authentication factor-specific trust score of the authentication factor is the product of the system security score, which is a measure of the strength and degree of protection of various aspects of the authentication system.

[0080] In the eleventh implementation of the tenth aspect of the second aspect, the aspects of the authentication system for measuring strength and degree of protection include one or more of the following:

[0081] Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.

[0082] The various implementations of the device achieve the advantages and effects of the corresponding implementations of the method.

[0083] It should be noted that all devices, elements, circuits, units, and modules described in this application can be implemented in software or hardware elements or any combination thereof. All steps performed by the various entities described in this application, and the functions to be performed by the various entities described, are intended to refer to the respective entities performing the respective steps and functions. Although the specific functions or steps performed by external entities are not reflected in the detailed description of the specific elements of the entities performing the specific steps or functions in the following description of specific embodiments, those skilled in the art will understand that these methods and functions can be implemented by corresponding hardware or software elements or any combination thereof. It should be understood that various combinations of the features of the invention can be made without departing from the scope of the invention as defined in the appended claims.

[0084] Additional aspects, advantages, features, and objects of the invention will become apparent from the accompanying drawings and the detailed description of illustrative implementations as explained in conjunction with the appended claims. Attached Figure Description

[0085] The foregoing summary of the invention and the following detailed description of illustrative embodiments can be better understood when read in conjunction with the accompanying drawings. Exemplary structures of the invention are shown in the drawings to illustrate the invention. However, the invention is not limited to the specific methods and tools disclosed herein. Furthermore, those skilled in the art will understand that the drawings are not drawn to scale. Where possible, the same elements are represented by the same numbers.

[0086] The embodiments of the present invention will now be described with reference to the following figures, which are merely examples.

[0087] Figure 1A and 1B A flowchart of a method for an automated multi-factor authentication system provided by an embodiment of the present invention is shown;

[0088] Figure 2 This is an illustration of an exemplary scenario for generating an average confidence score, provided by an embodiment of the present invention;

[0089] Figure 3 This is a block diagram of the architecture of the device provided in the embodiments of the present invention;

[0090] Figure 4 This is the architecture of the automatic multi-factor authentication system provided in the embodiments of the present invention.

[0091] In the accompanying diagrams, underlined numbers indicate the item to which the underlined number is located or the item adjacent to the underlined number. Ununderlined numbers are associated with the item identified by the line linking the ununderlined number to that item. When a number is ununderlined but has an associated arrow, the ununderlined number identifies the general item pointed to by the arrow. Detailed Implementation

[0092] The following detailed description illustrates embodiments of the present invention and ways in which these embodiments can be implemented. Although some modes of implementing the invention have been disclosed, those skilled in the art will recognize that other embodiments for implementing or practicing the invention may also exist.

[0093] refer to Figure 1A and 1B A flowchart of a method 100 for an automated multi-factor authentication system provided by an embodiment of the present invention is shown. Method 100 includes steps 102, 104, 106, 108, and 110.

[0094] In step 102, method 100 includes, for each of at least two authentication factors, receiving an identity of the subject requesting authentication for the corresponding authentication factor to the multi-factor authentication system, the identity having an associated confidence score or an absolute identity having an implicit confidence score of 1. In other words, in step 102, at least two identities corresponding to at least two authentication factors are received, wherein one identity is assigned for each authentication factor.

[0095] Throughout this disclosure, the term "multi-factor authentication system" refers to an authentication system that verifies the identity of a subject by requiring authentication through multiple authentication factors. If multiple authentication factors are successfully verified, the subject's identity is successfully verified, and vice versa. For example, a multi-factor authentication system does not use only a single authentication factor (such as a password) to verify a user's identity, but rather uses other additional authentication factors, such as codes, answers to security questions, signatures, fingerprints, facial recognition, etc. It should be understood that multi-factor authentication systems provide multiple layers of security by verifying the identity of a subject through the use of multiple authentication factors. Preferably, increasing the number of authentication factors used reduces the risk of intruders accessing critical data. For convenience only, the term "multi-factor authentication system" will be referred to as "authentication system" below.

[0096] Here, the term "subject" refers to an entity. Typically, an entity is a person, but it can be, for example, a non-human animal, such as a pet or livestock. Thus, for instance, in a home environment, one could envision a pet access system based on passive biometrics to allow authorized pets (such as cats or dogs) to enter a fenced area (such as a residence) while preventing other animals (such as a neighbor's pet) from entering. Similarly, a livestock control system could manage livestock access based on passive biometrics, such as cows entering a milking facility.

[0097] The subject could also be an inanimate object, such as an autonomous drone that needs to deliver a specific package from one place to another. We can think of it as a mail carrier drone. The drone flies to the designated location to pick up the package, but it needs to be authenticated before carrying it. This authentication can be based on location, visual aids, and other sensors.

[0098] Here, the term "authentication factor" refers to the credentials used to authenticate the identity of a given subject in an authentication request. Examples of a given authentication factor may include, but are not limited to, passwords (e.g., numeric passwords, alphanumeric passwords, picture passwords, etc.), patterns, answers to security questions, personal identification numbers (PINs), software tokens, personal identity verification (PIV) cards, and biometric features.

[0099] Here, the term "identity" refers to the fact or statement that a subject is a specific entity. Identity can also be understood as the condition that a subject is the same as the specific entity associated with the authentication request.

[0100] Here, the term "authentication request" refers to a request to authenticate the identity of a subject. An authentication request can be issued by the requesting subject or automatically by a component or system—for example, in response to the presence of a subject / person in a specific location or context. The authentication request is sent to an authentication system to authenticate the identity of the requesting subject.

[0101] Each of the at least two authentication factors can be used to authenticate any one of the multiple identities. These multiple identities are associated with multiple entities.

[0102] As an example, the at least two authentication factors can authenticate one of multiple identities A1, A2, A3, A4, and A5. For instance, a known identity A3 can be assigned to a subject for at least two authentication factors. In other words, a subject can be identified as the known identity A3.

[0103] Each of the at least two authentication factors can also be used to identify the subject as an unknown identity, distinct from each of the plurality of identities. In one embodiment, when no match for the submitted data is found in the reference data, the subject is identified as an unknown identity, distinct from each of the plurality of identities. The unknown identity does not originate from the plurality of known identities.

[0104] Reference data associated with multiple identities can be stored in a data repository. The term "data repository" refers to hardware, software, firmware, or a combination of these for storing reference data in an organized (i.e., structured) manner, thereby enabling convenient storage, access (i.e., retrieval), updating, and analysis of the reference data. In one embodiment, a comparison between submitted data and reference data is performed at one or more front-ends of the authentication system.

[0105] The term "confidence score" refers to a score that represents the degree of confidence in the correctness of an assigned identity. In other words, the confidence score represents a measure of confidence that an identification of a subject has been correctly performed. When submitting data related to an authentication factor is compared with reference data, the subject is identified (as a known identity or an unknown identity) and has a confidence score for such identification.

[0106] Regardless of whether the information is encoded, the confidence score can be standardized to a range of 0 to 1. For the purposes of this invention, a low confidence score means low confidence in the identity assigned to the corresponding authentication factor, while a high confidence score means high confidence in the identity assigned to the corresponding authentication factor.

[0107] Here, the term "absolute identity" refers to the identity assigned based on an authentication factor, for which the input or reference either matches or does not match—for example, an access token may or may not be recognized, or a password may or may not match. Therefore, for example, when the authentication factor is a password, if the subject submits the correct password, the subject is assigned an identity based on that password; if the subject does not submit the correct password, the subject is not assigned an identity. Thus, if input data is submitted for an authentication factor that is identified as yes or no, the identification of the input data will make the identity assignment for that authentication factor 100% certain: that is, the "implicit confidence score" will be 1. It will be recognized that this authentication factor is a binary authentication factor. The term "binary authentication factor" refers to a type of authentication factor that is based on either fully recognizing (e.g., yes, true, or passed) or not recognizing (e.g., no, false, or failed) the subject's identity. Binary authentication factors are based solely on the two states of authentication: successful authentication (i.e., fully recognized) or unsuccessful authentication (i.e., not recognized). Binary authentication factors are inherently deterministic and leave no ambiguity in the authentication process. Examples of binary authentication factors include, but are not limited to, passwords, software tokens, and personal identification numbers (PINs). These binary authentication factors are associated with an implicit confidence score of 1.

[0108] Preferably, one or more of the at least two authentication factors are biometric authentication factors. The term "biometric authentication factor" refers to a type of authentication factor based on the physiological and / or behavioral characteristics of a subject. Biometric authentication factors are based on the inherent biological attributes of a subject. Examples of biometric authentication factors include, but are not limited to, fingerprints, thumbprints, palm prints, retinal patterns, iris patterns, voice patterns, vascular patterns, habitual behaviors, facial patterns, signatures, and typing rhythms.

[0109] In step 104, method 100 includes, for each authentication factor, adjusting the confidence score of the identity assigned to the authentication factor based on the authentication factor-specific trust score that reflects the reliability of the corresponding authentication factor, so as to obtain an adjusted confidence score value less than 1, wherein each adjusted confidence score has a corresponding uncertainty value, namely 1 minus the adjusted confidence score value.

[0110] Known multi-factor authentication-based decision systems often exhibit significant error rates when applied to real-world applications, such as Internet of Things (IoT) applications typically centered around biometric authentication systems. Existing methods for these systems are unsuitable for supporting the mixing of different categories of authentication factors (e.g., a mixture of biometric and binary authentication factors). This can be attributed to the fact that when one authentication factor has a confidence score of 1, it tends to outperform the others. For example, a binary authentication factor with a confidence score of 1 outperforms a biometric authentication factor. This makes the collaboration of authentication factors (i.e., authentication factor fusion) unfair and inefficient. Therefore, in step 104, an adjustment to the confidence score of each authentication factor is performed to provide the technical benefit of promoting a fair and efficient fusion of at least two authentication factors. Such an adjustment brings the confidence score closer to its real-world probability. In this case, decision-making using a multi-factor authentication system can be more accurate and reduce the error rate when applied to real-world applications.

[0111] It should be understood that Method 100 is well-suited to support the mixing of different categories of authentication factors. It will also be understood that Method 100 ensures the fair use of binary authentication factors in multi-factor authentication systems by reducing the implicit confidence (i.e., 1) of the binary authentication factors. After this reduction, the binary authentication factors are inherently continuous (i.e., have values ​​within a range, rather than just extreme values). Biometric authentication factors are generally already continuous in nature. Method 100 is well-suited to adjusting the confidence scores (including implicit confidence scores) of one or more authentication factors with administrative configurations (e.g., trust scores specific to the authentication factors) without any recalibration of Method 100. This enables Method 100 to effectively address the technical problem of decision inaccuracies associated with existing multi-factor authentication systems. Therefore, Method 100 can be reliably used in real-world systems (e.g., IoT-based systems) associated with the multi-factor authentication systems described herein.

[0112] The term "authentication factor-specific trust score" refers to a composite parameter dynamically calculated based on an authentication factor to adjust the confidence score assigned to an identity for that authentication factor. This allows the credibility of the authentication factor in terms of confidence score to be considered. The authentication factor-specific trust score can be adjusted based on security parameters. Here, for each identity, a corresponding authentication factor-specific trust score is calculated to improve the confidence score, thereby improving the decision accuracy of using a multi-factor authentication system.

[0113] A specific trust score for a given authentication factor can be calculated based on its static and dynamic parameters. Static and dynamic parameters include, for example, the reliability of the authentication factor, its protection level (i.e., security profile), and its attacker exposure score. These parameters are determined by experts and / or provided by external sources (such as attacker monitoring systems). It should be understood that the static parameters of the authentication factor are evaluated in advance, and the dynamic parameters are updated periodically. Both static and dynamic parameters can be collectively understood as security parameters.

[0114] The authentication factor-specific trust score can be assessed by a security auditor based on exemplary values ​​of minimum, partial, or full protection associated with the corresponding authentication factor. In this case, the authentication factor-specific trust score will be updated based on newly discovered weaknesses in the corresponding authentication factor (e.g., from the cloud). For this update to be achieved, a valid communication connection (e.g., an internet connection) is required between the security auditor's device and the authentication system.

[0115] The trust score evaluator can provide a basic trust score for each authentication factor based on the performance and evaluation of the protection level of authentication factors in different categories. In this regard, the trust score is evaluated for each component (e.g., algorithm, sensor, etc.) of the corresponding authentication factor. In this case, the trust score is selected as the lowest trust score among all components for a given component.

[0116] A factor-specific trust score for an authentication factor can be correlated with that factor's false acceptance rate (FAR). Here, the term "false acceptance rate" (FAR) refers to the number of instances in which a multi-factor authentication system falsely accepts input that would result in the authentication of an unauthorized subject. Typically, FAR is the ratio of the number of false acceptances to the total number of unauthorized subject identification attempts. The FAR of an authentication factor indicates the reliability of that authentication factor. Using FAR when calculating a factor-specific trust score can improve the accuracy of such trust score calculations.

[0117] A factor-specific trust score for an authentication factor can be correlated with that factor's false rejection rate. Here, the term "false rejection rate" (FRR) refers to the number of instances in which a multi-factor authentication system falsely rejects inputs that would result in the authorized subject being unauthenticated. Typically, FRR is the ratio of the number of false rejections to the total number of authentication attempts by the authorized subject.

[0118] The authentication factor-specific trust score can be calculated as a function of the false acceptance rate and / or false rejection rate of that authentication factor. It should be understood that the accuracy (A) of the authentication system is improved when the authentication factor-specific trust score is calculated based on FAR and FRR. Therefore, the decision-making process using the authentication system / or the decision-making process of the authentication system is improved. Mathematically, A = f1(FAR, FRR). Using method 100, unlike existing multi-factor authentication systems, adding new independent authentication factors continuously reduces the FRR in the multi-factor authentication system of this invention.

[0119] A biometric authentication factor's factor-specific trust score can be correlated with the spoof acceptance rate and imposter acceptance rate of the biometric authentication factor. The term "spoof acceptance rate" (SAR) refers to the number of instances where a multi-factor authentication system based on biometric authentication factors mistakenly accepts a record from an authorized subject to grant access to an unauthorized subject. This method of gaining access is commonly referred to as a spoofing attack. Typically, SAR is the ratio of the number of spoofing acceptances to the total number of spoofing identification attempts. In one example, for voice unlocking, the spoof acceptance rate would be correlated with instances where a recorded sample of the subject's voice is used to unlock a device (such as a smartphone) associated with the subject.

[0120] The term "imposter acceptance rate" (IAR) refers to the number of instances in a multi-factor authentication system based on biometric authentication factors that accept imposter input intended to mimic known input from an authorized subject. This method of gaining access using imposter input is commonly referred to as an imposter attack. Typically, IAR is the ratio of the number of imposter inputs accepted to the total number of imposter identification attempts. In one example, for voice unlocking, the imposter acceptance rate would be related to instances where an imposter attempts to mimic the subject's voice (using a similar tone and / or a similar accent) to unlock the device associated with the subject.

[0121] The authentication factor-specific trust score (AFTSS) of an authentication factor can be calculated as a function of the deception acceptance rate (DEF) and the imposter acceptance rate (IAR). Since different types of authentication factors are inherently different, they are associated with different SARs and IARs, indicating the reliability of these authentication factors. Considering the SAR and IAR of an authentication factor, the accurate AFTSS of that factor can be calculated. It should be understood that the accuracy of the authentication system improves when the AFTSS of each authentication factor is calculated based on SAR and IAR. This can be attributed to the fact that the accuracy provided by considering FAR and FRR is further improved (i.e., enhanced) by additionally considering SAR and IAR. Mathematically, this improved accuracy is A^ = A*f2(SAR, IAR). In other words, even with the addition of a minimum level of accuracy to the system, the accuracy of a multi-factor authentication system improves.

[0122] The authentication factor-specific trust score of an authentication factor is the product of its system security score, which is a measure of the strength and degree of protection of various aspects of the multi-factor authentication system. Here, the term "system security score" refers to a score indicating the security of the static and / or dynamic parameters of an authentication factor. Such a system security score for each authentication factor can be optionally assigned by a security expert. It should be understood that the system security score helps assess the likelihood of attacks on the multi-factor authentication system (e.g., spoofing attacks, impersonation attacks, etc.).

[0123] The authentication factor-specific trust score of an authentication factor is preferably a function of the system security score and the improved accuracy of the authentication system, where the improved accuracy is based on measurements of FAR, FRR, SAR, and IAR. Mathematically, the authentication factor-specific trust score = f(A^,S), where S is the system security score and A^ is the improved accuracy. Specifically, the authentication factor-specific trust score = f1(FAR,FRR)*f2(SAR,IAR)*S. By using the system security score when calculating the authentication factor-specific trust score of an authentication factor, the accuracy of the trust score calculation is improved, subsequently improving the authentication accuracy of the multi-factor authentication system.

[0124] The authentication factor specific trust score can be calculated based on at least one of the following: system security score, common vulnerability scoring system (CVSS) score, intelligence score, etc.

[0125] The aspects of a multi-factor authentication system for measuring strength and protection preferably include one or more of the following:

[0126] Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.

[0127] These aspects are crucial for the effective operation of a multi-factor authentication system; therefore, measuring their strength and level of protection is essential to accurately determine the system security score for each authentication factor. Unfortunately, in the event of an attack on a multi-factor authentication system, at least one of these aspects will be compromised.

[0128] Exemplary values ​​for the strength and protection of various aspects of a multi-factor authentication system are shown in Table 1 below.

[0129] Table 1

[0130]

[0131]

[0132] The system security score is preferably calculated by considering one or more of these aspects of the multi-factor authentication system. In one embodiment, the system security score (S) is calculated using at least one mathematical formula, such as:

[0133]

[0134] Among them, CategoryScore i This refers to a given level of protection or a given strength of protection for a given aspect. In the formula above, the exponent i varies from 1 to 11, corresponding to the 11 aspects mentioned in Table 1.

[0135] Returning to the method in Figure 1, in step 104, the authentication factor-specific trust score is combined with the confidence score (initially reported for each authentication factor) to adjust the value of the confidence score. In this respect, for each authentication factor, the (initially reported) confidence score is multiplied by the authentication factor-specific trust score to obtain the adjusted confidence score. In one example, for a given authentication factor, with a given confidence score of 0.8 (i.e., 80%) and an authentication factor-specific trust score of 0.7 (i.e., 70%), the adjusted confidence score is 0.56 (i.e., 56%). It should be understood that the adjusted confidence score is a more realistic confidence score for binary authentication factors, which otherwise have an implicit confidence score of 1. This helps multi-factor authentication systems effectively coordinate biometric authentication factors and binary authentication factors to achieve fair and efficient authentication factor fusion and provide better security protection. Thus, untrusted authentication devices will not be able to significantly influence the confidence score and / or authentication-based decisions, even if the relevant authentication factor is binary.

[0136] It should also be understood that for at least two authentication factors, the adjusted confidence score is less than 1, ensuring that no authentication factor outperforms others and unduly influences others simply because of a high level of confidence in the identity assigned to that factor. Furthermore, the "uncertainty value" of the adjusted confidence score is a measure of the uncertainty in assigning an identity to the corresponding authentication factor for that adjusted confidence score. This uncertainty may arise from errors that could occur during identity assignment. In the example above, for an adjusted confidence score of 0.56 (i.e., 56%), the uncertainty value would be 0.44.

[0137] In step 106, method 100 includes applying a pessimistic uncertainty model to the adjusted confidence score for each authentication factor to generate a pessimistic certainty score for each identity. When an identity is assigned to an authentication factor, the uncertainty of this assignment (represented by the uncertainty value of the adjusted confidence score corresponding to the given identity) will include the given identity. Therefore, for each authentication factor, the uncertainty is efficiently solved using a pessimistic uncertainty model. The pessimistic uncertainty model assumes that the uncertainty does not include the given identity. Thus, an adjusted confidence score value less than 1 corresponds to a given identity, while an uncertainty value does not correspond to a given identity. Therefore, the pessimistic uncertainty model is a minimum-boundary model. The pessimistic uncertainty model provides a realistic minimum boundary for the uncertainty value, thereby further enabling the estimation of the true real-world value of the confidence score.

[0138] A pessimistic uncertainty model can be based on the observation vector w for each certification factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P pessimistic (w i |m j ):

[0139] IF identity i =m j :

[0140] P pessimistic (w i |m j ) = Accuracy i

[0141] ELSE:

[0142]

[0143] Unknown identity:

[0144]

[0145] For each identity m j Calculate the identity probability P pessimistic (m j |{w i}):

[0146]

[0147] Where UW is the unknown weight (configuration parameter), P = R + UW, and Accuracy i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0148] In this respect, R is the number of distinct observed identities. For example, when six distinct identities are observed in six observations, R = 6. However, when only three distinct identities are observed in six observations, and these three distinct identities are repeated in two observations, R = 3.

[0149] It should be understood that the values ​​of the unknown weights are dynamic and based on preliminary research. Furthermore, the unknown weights can be changed as needed to produce better results. The unknown weights are pre-set as configuration parameters in the multi-factor authentication system. For example, if the unknown weight is 3, it means that the unknown identity will receive the weights of three identities in the uncertainty model calculation.

[0150] In the first example, there can be observation vectors, w1, w2, and w3, where each observation is a pair of observed identities and their adjusted confidence scores, such as (John, 0.81), (Paul, 0.72), and (John, 0.49). Here, the identity John (m1) can be assigned to the subject using correlation factors w1 and w3, while the identity Paul (m2) can be assigned to the subject using correlation factor w2. The unknown weight (UW) = 3, and R = 2 (because there are only 2 different observed entities, namely John and Paul). Therefore, the value is P = 2 + 3 = 5.

[0151] For the first authentication factor corresponding to w1, only the observed identity John is true.

[0152] Regarding John's identity,

[0153] P pessimistic (w1|m1)=Accuracy1=0.81

[0154] Regarding Paul's identity,

[0155]

[0156] Regarding the unknown identity,

[0157]

[0158] For the second authentication factor corresponding to w2, only the observed identity Paul is true.

[0159] Regarding John's identity,

[0160]

[0161] Regarding Paul's identity,

[0162] P pessimistic (w2|m2)=Accuracy2=0.72

[0163] Regarding the unknown identity,

[0164]

[0165] For the third authentication factor corresponding to w3, only the observed identity John is true.

[0166] Regarding John's identity,

[0167] P pessimistic (w3|m1)=Accuracy3=0.49

[0168] Regarding Paul's identity,

[0169]

[0170] Regarding the unknown identity,

[0171]

[0172] Furthermore, the probability of John's identity can be calculated as follows:

[0173]

[0174] The probability of Paul's identity can be calculated as follows:

[0175]

[0176] The probability of an unknown identity can be calculated as follows:

[0177]

[0178] These calculations in the first example relate to the calculation of the pessimistic model, which is performed when the pessimistic uncertainty model is applied to the adjusted confidence score in step 106 of method 100. Therefore, the identity probability P... pessimistic (m j |{w i}) is the pessimistic certainty score of identity.

[0179] In step 108, method 100 includes, for each authentication factor, applying an optimistic uncertainty model to the adjusted confidence score, the optimistic uncertainty model assigning a portion of the uncertainty value to the identity considered most likely based on the authentication factor, to generate an optimistic certainty score for each identity. In this respect, for each authentication factor, the uncertainty value is efficiently solved using the optimistic uncertainty model. As previously stated, when an authentication factor is assigned to a given identity, this assigned uncertainty includes a portion of the uncertainty for that given identity. The optimistic uncertainty model assumes that a portion of the uncertainty includes the given identity. In this case, the adjusted confidence score value less than 1 and the aforementioned portion of the uncertainty value correspond to the given identity, and the remaining portion of the uncertainty does not include the given identity. In other words, a portion of the uncertainty value is assigned to the identity considered most likely based on that authentication factor. Therefore, the optimistic uncertainty model is a maximum-boundary model. The optimistic uncertainty model provides a realistic maximum bound on the uncertainty value, thereby further enabling the estimation of the true real-world value of the confidence score.

[0180] The probability that a given identity is an authorized identity (i.e., a known identity) or an unauthorized identity (i.e., an unknown identity) can be calculated using concepts from Bayesian statistics and subjective logic. It should be understood that Bayesian probability calculations are not limited to optimistic and pessimistic uncertainty models, but also support better (i.e., more accurate) score fusion of multiple authentication factors. In this way, at least two authentication factors can be efficiently used in the authentication system.

[0181] An optimistic uncertainty model can be based on the observation vector w for each certification factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P optimistic (w i |m j ):

[0182] IF identity i =m j :

[0183]

[0184] ELSE:

[0185]

[0186] Unknown identity:

[0187]

[0188] For each identity m j Calculate the identity probability P optimistic (m j |{w i}):

[0189]

[0190] Where UW is the unknown weight (configuration parameter), P = R + UW, and Accuracy i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0191] Here, R is the number of distinct observed identities. The variables R and UW have been described in detail above in conjunction with the pessimistic model calculations.

[0192] Referring to and continuing with the first example below, for the first authentication factor corresponding to w1, only the observed identity John is true.

[0193] Regarding John's identity,

[0194]

[0195] Regarding Paul's identity,

[0196]

[0197] Regarding the unknown identity,

[0198]

[0199] For the second authentication factor corresponding to w2, only the observed identity Paul is true.

[0200] Regarding John's identity,

[0201]

[0202] Regarding Paul's identity,

[0203]

[0204] Regarding the unknown identity,

[0205]

[0206] For the third authentication factor corresponding to w3, only the observed identity John is true.

[0207] Regarding John's identity,

[0208]

[0209] Regarding Paul's identity,

[0210]

[0211] Regarding the unknown identity,

[0212]

[0213] Furthermore, the probability of John's identity can be calculated as follows:

[0214]

[0215] The probability of Paul's identity can be calculated as follows:

[0216]

[0217] The probability of an unknown identity can be calculated as follows:

[0218]

[0219] These calculations in the first example relate to the calculation of the optimistic model, which is performed when the optimistic uncertainty model is applied to the adjusted confidence score in step 108 of method 100. Therefore, the identity probability P... optimistic (m j |*w i}) is the optimistic certainty score of identity.

[0220] In step 110, method 100 includes, for each identity, averaging between the pessimistic certainty score and the optimistic certainty score of that identity to generate an average confidence score for that identity. Typically, the true (i.e., realistic) value of the confidence score for each identity lies between the pessimistic certainty score (which provides the minimum boundary for the value) and the optimistic certainty score (which provides the maximum boundary for the value) of that identity. It should be understood that the average of the pessimistic and optimistic certainty scores provides a better estimate of the true value of the confidence score for that identity.

[0221] On average, it can be achieved for each identity m jCalculate the average of the pessimistic certainty score and the optimistic certainty score to perform the operation.

[0222]

[0223] In this respect, P(*w i}) provides for each identity m j The best estimate of the true value of the confidence score.

[0224] Referring to and continuing from the first example, the average confidence score for John's identity is calculated as follows:

[0225]

[0226] Paul's average confidence score is calculated as follows:

[0227]

[0228] Typically, the score obtained does not need to be directly compared to the threshold. It can be further adjusted based on the decision-making module, such as taking environmental factors into account, or adjusting to a certain security level definition.

[0229] In one embodiment, method 100 further includes comparing the average confidence score of each identity with a predefined threshold and making a decision based on the comparison. In one embodiment, a decision module associated with the system performs the above comparison and decision operations. According to one embodiment, the decision module is implemented on the authentication system. According to another embodiment, the decision module is implemented on an external system communicatively coupled to the authentication system.

[0230] Method 100 corresponds to an algorithm that supports the fusion of fair authentication factors to improve the accuracy of decisions based on multiple authentication factors provided as input. When Method 100 is used in an IoT-based system that is external to and communicatively coupled to or integrated with a multi-factor authentication system, the authentication accuracy in the IoT-based system is improved.

[0231] As those skilled in the art will recognize, steps 106 and 108 can be performed simultaneously, rather than sequentially.

[0232] refer to Figure 2An exemplary scenario 200 for generating an average confidence score, provided by an embodiment of the present invention, is illustrated. This exemplary scenario 200 corresponds to steps 106, 108, and 110 of method 100. An average confidence score is generated to assign an identity (ID) to a subject referred to as “John” for an authentication factor. Here, the confidence score of the authentication factor (associated with the identity “John”) is 0.9 (i.e., 90%), and the authentication factor-specific trust score (TSC) is 0.89 (i.e., 89%). Therefore, the adjusted confidence score for subject “John” is 0.8 (the product of 0.9 and 0.89), which means that there is 80% certainty that the subject’s identity will be authenticated as “John”, and 20% uncertainty that the subject’s identity will be authenticated as “John”. The 20% uncertainty value associated with the adjusted confidence score is solved to verify the identity of subject “John”. When the pessimistic uncertainty model is applied to the adjusted confidence score, a pessimistic certainty score of 0.8 (i.e., 80%) means that there is an 80% certainty that the identity of subject "John" will be identified as "John". There is a 20% certainty that the identity of subject "John" will be identified as "not John" because the pessimistic uncertainty model assumes that the 20% uncertainty does not include subject "John". However, when the optimistic uncertainty model is applied to the adjusted confidence score, an optimistic certainty score of 0.84 (i.e., 84%) means that there is an 84% certainty that the identity of subject "John" will be identified as "John", where, for some portion of the 20% uncertainty (e.g., one-fifth), the optimistic uncertainty model assumes that the 20% uncertainty will include subject "John". In the optimistic uncertainty model, the 20% uncertainty is evenly distributed among known and unknown identities across all categories. Given one known identity "John" and four unknown identities, the 20% uncertainty is divided by 5. Therefore, the 80% certainty for John adds an additional 4% uncertainty. In this scenario, there is a 16% certainty that the identity of subject "John" will be certified as "not John". The category of unknown identity accounts for four-fifths of the 20% uncertainty. The true confidence score for subject "John" is greater than 80% (determined using a pessimistic uncertainty model) and less than 84% (determined using an optimistic uncertainty model). Furthermore, after averaging the pessimistic and optimistic certainty scores for identity, the average confidence score for subject "John" is equal to 82%.

[0233] refer to Figure 3This diagram illustrates a block diagram of the architecture of a device 300 provided in an embodiment of the present invention. The device 300 includes one or more processors (described as processor 302) and one or more computer-readable hardware storage devices (described as computer-readable hardware storage device 304). The one or more computer-readable hardware storage devices 304 store computer-executable instructions executable by the one or more processors 302, the computer-executable instructions causing the device 300 to perform the following operations:

[0234] - For each of at least two authentication factors, receive the identity assigned to the subject of the authentication request for the corresponding authentication factor, the identity having an associated confidence score or an absolute identity having an implicit confidence score of 1;

[0235] For each authentication factor:

[0236] - Based on the authentication factor specific trust score that reflects the reliability of the corresponding authentication factor, adjust the confidence score of the identity to obtain an adjusted confidence score value less than 1. Each adjusted confidence score has a corresponding uncertainty value, which is 1 minus the adjusted confidence score value.

[0237] - Apply a pessimistic uncertainty model to the adjusted confidence scores to generate a pessimistic certainty score for each identity;

[0238] - An optimistic uncertainty model is applied to the adjusted confidence scores, wherein for each authentication factor, a portion of the uncertainty value is assigned to the identity most likely based on that authentication factor, to generate an optimistic certainty score for each identity; thereafter

[0239] - For each identity, the pessimistic certainty score and the optimistic certainty score of the identity are averaged to generate the average confidence score for each identity.

[0240] Here, the term "processor" refers to hardware, software, firmware, or a combination thereof. One or more processors 302 control the operation of device 300. One or more processors 302 are communicatively coupled to one or more computer-readable hardware storage devices 304 in a wireless and / or wired manner. One or more processors 302 are used to perform method 100 by executing computer-executable instructions stored on one or more computer-readable hardware storage devices 304. Specifically, one or more processors 302 are used to perform at least steps 102, 104, 106, 108, and 110 of method 100.

[0241] Computer-executable instructions stored in one or more computer-readable hardware storage devices 304 cause a series of steps (i.e., steps 102 to 110 of method 100) to achieve fair fusion of authentication factors. One or more computer-readable hardware storage devices 304 include, but are not limited to, electronic storage devices, magnetic storage devices, optical storage devices, electromagnetic storage devices, semiconductor storage devices, portable computer floppy disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static random access memory (SRAM), compact disc read-only memory (CD-ROM), digital versatile disk (DVD), memory sticks, floppy disks, mechanical encoding devices such as punched cards or raised structures in recesses recording instructions, or any suitable combination thereof.

[0242] refer to Figure 4 The diagram illustrates the architecture of an automated multi-factor authentication system 400 provided by an embodiment of the present invention. The multi-factor authentication system 400 includes a device 300. The multi-factor authentication system 400 is also shown as including a trust score evaluator 402, a decision module 404, and one or more sensors (described as sensors 406). In some implementations, the decision module 404 may be implemented in an external system. In this implementation, the decision module 404 is communicatively coupled to the device 300. As an example, the decision module 404 may be part of an IoT-based system, and may be able to make effective and accurate decisions for IoT applications based on authentication performed by the multi-factor authentication system 400. Similarly, each of the trust score evaluator 402 and one or more sensors 406 may be implemented in an external system. In this implementation, the trust score evaluator 402 and one or more sensors 406 are communicatively coupled to the device 300.

[0243] In one embodiment, one or more sensors 406 are implemented as one or more of the following: biometric sensors (e.g., fingerprint scanners, retinal scanners, cameras, microphones, touch-sensitive surfaces, etc.), input devices (e.g., touch-sensitive smartphones, computers, digital assistants, etc.). In one embodiment, one or more sensors 406 include at least two sensors, with each sensor corresponding to an authentication factor. In one embodiment, an authentication request is received through one or more sensors 406.

[0244] In conjunction with method 100, the various embodiments, operations and variations disclosed above are adapted to apparatus 300 with necessary modifications.

[0245] In device 300, one or more of at least two authentication factors may be biometric authentication factors.

[0246] In device 300, one or more of at least two authentication factors may be binary authentication factors.

[0247] In device 300, the factor-specific trust score of a biometric authentication factor can be correlated with the rate of acceptance of the biometric authentication factor for deception and the rate of acceptance of the impersonator.

[0248] In device 300, preferably, each of at least two authentication factors is used to authenticate any one of a plurality of identities.

[0249] In device 300, preferably, each of the at least two authentication factors is also used to identify the subject as an unknown identity that is different from each of the multiple identities.

[0250] In device 300, the optimistic uncertainty model is preferably based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P optimistic (w i |m j ):

[0251] IF identity i =m j :

[0252]

[0253] ELSE:

[0254]

[0255] Unknown identity:

[0256]

[0257] For each identity m j Calculate the identity probability P optimistic (m j |*w i}):

[0258]

[0259] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0260] In device 300, the pessimistic uncertainty model is preferably based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j Calculate P pessimistic (w i |m j ):

[0261] IF identity i =m j :

[0262] P pessimistic (w i |m j ) = Accuracy i

[0263] ELSE:

[0264]

[0265] Unknown identity:

[0266]

[0267] For each identity m j Calculate the identity probability P pessimistic (m j |*w i}):

[0268]

[0269] Where UW is the unknown weight (configuration parameter), P = R + UW, R is the number of different observed identities, and Accuracy is... i =Through relevant factors w i The identity m assigned to the subject j The adjusted confidence score.

[0270] In device 300, the average is preferably achieved by passing each identity m. jCalculate the average of the pessimistic certainty score and the optimistic certainty score to perform the operation.

[0271]

[0272] In device 300, the factor-specific trust score of the authentication factor is preferably related to the false acceptance rate of the authentication factor.

[0273] In device 300, the factor-specific trust score of the authentication factor is preferably the product of the system security score, which is a measure of the strength and degree of protection of various aspects of the authentication system 400.

[0274] In device 300, the certification system 400 for measuring its strength and level of protection preferably includes one or more of the following aspects:

[0275] Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.

[0276] Modifications to the embodiments of the invention described above may be made without departing from the scope of the invention as defined in the appended claims. The terms “comprising,” “combining,” “having,” “is,” and other expressions used to describe and claim the invention are intended to be interpreted in a non-exclusive manner, allowing for the presence of items, components, or elements not explicitly described. Singular references should also be interpreted as relating to the plural. The word “exemplary” as used herein means “as an example, instance, or illustration.” Any embodiment described as “exemplary” is not necessarily to be construed as more preferred or advantageous than other embodiments, and / or as excluding combinations of features from other embodiments. The word “optionally” as used herein means “provided in some embodiments and not in others.” It should be understood that, for the sake of brevity, certain features of the invention described in the context of a single embodiment may also be provided in combination in a single embodiment. Conversely, various features of the invention described in the context of a single embodiment for brevity may also be provided individually, in any suitable combination, or suited to any other described embodiment of the invention.

Claims

1. A method (100) for an automated multi-factor authentication system (400), characterized in that, The method (100) includes: For each of at least two authentication factors, the identity of the subject receiving the authentication request assigned to the authentication system (400) for the corresponding authentication factor, the identity having an associated confidence score or an absolute identity having an implicit confidence score of 1; For each authentication factor: Based on the authentication factor-specific trust score that reflects the reliability of the corresponding authentication factor, the confidence score assigned to the identity by the authentication factor is adjusted to obtain an adjusted confidence score value less than 1. Each adjusted confidence score has a corresponding uncertainty value, which is 1 minus the adjusted confidence score value. A pessimistic uncertainty model is applied to the adjusted confidence scores to generate a pessimistic certainty score for each identity; An optimistic uncertainty model is applied to the adjusted confidence scores, which assigns a portion of the uncertainty value to the identity deemed most likely based on the authentication factor, to generate an optimistic certainty score for each identity; thereafter... For each identity, the pessimistic certainty score and the optimistic certainty score of the identity are averaged to generate the average confidence score for each identity.

2. The method (100) according to claim 1, characterized in that, Each of the at least two authentication factors is used to authenticate any one of the multiple identities.

3. The method (100) according to claim 2, characterized in that, Each of the at least two authentication factors is also used to identify the subject as an unknown identity that is different from each of the plurality of identities.

4. The method (100) according to any one of claims 1 to 3, characterized in that, The optimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j ,calculate : IF identity i = m j : ELSE: Unknown identity: For each identity m j Calculate the probability of identity : Where UW is the unknown weight (configuration parameter), P = R + UW, and R is the number of distinct observed identities. =Through relevant factors The identity assigned to the subject The adjusted confidence score.

5. The method (100) according to claim 3, characterized in that, The pessimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j ,calculate : IF identity i = m j : ELSE: Unknown identity: For each identity m j Calculate the probability of identity : Where UW is the unknown weight (configuration parameter), P = R + UW, and R is the number of distinct observed identities. =Through relevant factors The identity assigned to the subject The adjusted confidence score.

6. The method (100) according to claim 5, characterized in that, The average is obtained by applying the average value to each identity m. j This is performed by calculating the average of the pessimistic certainty score and the optimistic certainty score: 。 7. The method (100) according to any one of claims 1 to 3, 5 to 6, characterized in that, One or more of the at least two authentication factors are biometric authentication factors.

8. The method (100) according to claim 7, characterized in that, The specific trust score of the biometric authentication factor is related to the deception acceptance rate and the imposter acceptance rate of the biometric authentication factor.

9. The method (100) according to any one of claims 1 to 3, 5 to 6, characterized in that, One or more of the at least two authentication factors are binary authentication factors.

10. The method (100) according to any one of claims 1 to 3, 5 to 6, characterized in that, The specific trust score of the authentication factor is related to the false acceptance rate of the authentication factor.

11. The method (100) according to any one of claims 1 to 3, 5 to 6, characterized in that, The authentication factor-specific trust score is the product of the system security score, which is a measure of the strength and protection of various aspects of the authentication system (400).

12. The method (100) according to claim 11, characterized in that, The aspects of the certification system (400) for measuring strength and level of protection include one or more of the following: Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.

13. An apparatus (300), characterized in that, The device includes: One or more processors (302); One or more computer-readable hardware storage devices (304) storing computer-executable instructions that can be executed by the one or more processors (302) to cause the device (300) to perform the following operations: For each of at least two authentication factors, receive the identity assigned to the subject of the authentication request for the corresponding authentication factor, the identity having an associated confidence score or an absolute identity having an implicit confidence score of 1; For each authentication factor: Based on the authentication factor specific trust score that reflects the reliability of the corresponding authentication factor, the confidence score of the identity is adjusted to obtain an adjusted confidence score value less than 1. Each adjusted confidence score has a corresponding uncertainty value, which is 1 minus the adjusted confidence score value. A pessimistic uncertainty model is applied to the adjusted confidence scores to generate a pessimistic certainty score for each identity; An optimistic uncertainty model is applied to the adjusted confidence scores, wherein for each authentication factor, a portion of the uncertainty value is assigned to the identity most likely based on that authentication factor, to generate an optimistic certainty score for each identity; thereafter... For each identity, the pessimistic certainty score and the optimistic certainty score of the identity are averaged to generate the average confidence score for each identity.

14. The apparatus (300) according to claim 13, characterized in that, Each of the at least two authentication factors is used to authenticate any one of the multiple identities.

15. The apparatus (300) according to claim 14, characterized in that, Each of the at least two authentication factors is also used to identify the subject as an unknown identity that is different from each of the plurality of identities.

16. The apparatus (300) according to claim 15, characterized in that, The optimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j ,calculate : IF identity i = m j : ELSE: Unknown identity: For each identity m j Calculate the probability of identity : Where UW is the unknown weight (configuration parameter), P = R + UW, and R is the number of distinct observed identities. =Through relevant factors The identity assigned to the subject The adjusted confidence score.

17. The apparatus (300) according to claim 15 or 16, characterized in that, The pessimistic uncertainty model is based on the observation vector w for each authentication factor. i The calculated value is for each observation vector w. i It is a pair of observed identities and adjusted confidence levels, and for each observation w i And each identity m j ,calculate : IF identity i = m j : ELSE: Unknown identity: For each identity m j Calculate the probability of identity : Where UW is the unknown weight (configuration parameter), P = R + UW, and R is the number of distinct observed identities. =Through relevant factors The identity assigned to the subject The adjusted confidence score.

18. The apparatus (300) according to claim 17, characterized in that, The average is obtained by applying the average value to each identity m. j This is performed by calculating the average of the pessimistic certainty score and the optimistic certainty score: 。 19. The apparatus (300) according to any one of claims 13 to 16, 18, characterized in that, One or more of the at least two authentication factors are biometric authentication factors.

20. The apparatus (300) according to claim 19, characterized in that, One or more of the at least two authentication factors are binary authentication factors.

21. The apparatus (300) according to claim 19, characterized in that, The specific trust score of the biometric authentication factor is related to the deception acceptance rate and the imposter acceptance rate of the biometric authentication factor.

22. The apparatus (300) according to any one of claims 13 to 16, 18, and 21, characterized in that, The specific trust score of the authentication factor is related to the false acceptance rate of the authentication factor.

23. The apparatus (300) according to any one of claims 13 to 16, 18, and 21, characterized in that, The authentication factor-specific trust score is the product of the system security score, which is a measure of the strength and protection of various aspects of the authentication system (400).

24. The apparatus (300) according to claim 23, characterized in that, The aspects of the certification system (400) for measuring strength and level of protection include one or more of the following: Proactive threat detection, system protection, sensitive data storage protection, network protection, connection protection, user authentication strength, and device credentials.