Unsecured asset detection via correlated authentication anomalies
A method, apparatus and computer program product for detecting that a computing device may not be secure based on inconsistent identity associations identified during Federated Single Sign-On (F-SSO). A detection proxy detects when a user with a particular session is accessing an identity provider (...
Saved in:
Main Authors | , , , |
---|---|
Format | Patent |
Language | English |
Published |
09.09.2014
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | A method, apparatus and computer program product for detecting that a computing device may not be secure based on inconsistent identity associations identified during Federated Single Sign-On (F-SSO). A detection proxy detects when a user with a particular session is accessing an identity provider (IdP) that is associated with an account that is not the current user's account. When a user performs a login to an F-SSO-enabled IdP, the proxy performs an F-SSO, and the results are compared with known aliases for that particular federation partner. If an anomaly is detected (e.g., the in-line device sees that a user logs into a web site as someone else), a workflow is initiated to perform a given action, such as blocking access, issuing an alert, or the like. |
---|---|
Bibliography: | Application Number: US201213547722 |