Adaptive multi-factor authentication system with multi-user permission strategy to access sensitive information

摘要

Systems and related methods for providing greater security and control over access to protected or classified resources, files and documents and other forms of sensitive information based upon an initial adaptive selection of multiple modalities for authentication in different operating environments, with subsequent multi-user permission strategy centering on organizational structure. The system calculates trustworthiness values of different authentication factors under various environmental settings, and combines a trust-based adaptive, robust and scalable software-hardware framework for the selection of authentication factors for continuous and triggered authentication with optimal algorithms to determine the security parameters of each of the authentication factors. A subset of authentication factors thus are determined for application at triggering events on-the-fly, thereby leaving no exploitable a priori pattern or clue for hackers to exploit. Upon authentication of an access request, based on the sensitivity or classification of the information being requested by a user, approvers are selected dynamically based on the work environment (e.g., mobility, use of the computing device seeking access, access policy, and the like). The selected sets of approvers are non-repetitive in nature.