Authorial, Adaptive Method of Users' Authentication and Authorization

摘要

The main goal of this paper was to introduce an adaptive method of users' authentication and authorization. By adaptive one can understood having an ability to suit different conditions (namely different users devices, different user's profiles and different users behaviors). Over a time working conditions and habits have changed and employees may often use own devices from different locations to connect compa-nys resources. This situation poses a severe threat to security, and tightening security rules is not always an option. This brought a need of an adaptive system, which would choose methods adequate to the current threat level. Presented authorial solution not only minimizes the risk of unauthorized access to companys data, but also simplifies users' authentication process. Example implementation and performed test scenarios showed that taken approach works and all theoretical assumptions are valid and possible to implement in the real world scenario.