06691232 is referenced by 264 patents and cites 5 patents.

By including environment information in a security policy, a security architecture advantageously allows temporal, locational, connection type and/or client capabilities-related information to affect the sufficiency of a given credential type (and associated authentication scheme) for access to a particular information resource. In some configurations, time of access, originating location (physical or network) and/or connection type form a risk profile that can be factored into credential type sufficiency. In some configurations, changing environmental parameters may cause a previously sufficient credential to become insufficient. Alternatively, an authenticated credential previously insufficient for access at a given trust level may be sufficient based on a changed or more fully parameterized session environment. In some configurations, the use of session tracking facilites (e.g., the information content of session tokens) can be tailored to environmental parameters (e.g., connection type or location). Similarly, capabilities of a particular client entity (e.g., browser support for 128-bit cipher or availablity of a fingerprint scanner or card reader) may affect the availability or sufficiency of particular authentication schemes to achieve a desired trust level.

Title
Security architecture with environment sensitive credential sufficiency evaluation
Application Number
9/368504
Publication Number
6691232 (B1)
Application Date
August 5, 1999
Publication Date
February 10, 2004
Inventor
Yunas Nadiadi
Pinner Middx
US
Derk Norton
Louisville
CO, US
Michael B Dilger
Redwood City
CA, US
Thomas Pratt
Superior
CO, US
David L Wood
Louisville
CO, US
Agent
Zagorin O&apos Brien & Graham L
US
Assignee
Sun Microsystems
CA, US
IPC
G06F 1/27
View Original Source