In order to gain access to sensitive information or other resources, users are often required to authenticate themselves by entering authentication information. Some users attempt to gain access to such information with credentials obtained fraudulently from a legitimate account holder. Adaptive authentication techniques, for example, identify fraudulent users even when those users possess valid credentials for a legitimate user's account. Adaptive authentication techniques typically compare information associated with a login attempt received by a service provider, such as the time of the login and the location from which the login originated, with a historical record of the typical user, who exhibits some expected login behavior.
Adaptive authentication techniques apply a challenge to risky transactions, where the risk estimate is produced by a fraud/genuine classifier. The response to the challenge is used to classify the transaction as genuine or fraudulent. Conventional authentication services typically either grant users full access to sensitive data or no access at all. The context of a user (such as user location, user access privileges defined by a user role, and characteristics of the user device) is used to determine which combination of authentication factors (e.g., a device fingerprint and/or a password) is required to establish sufficient trust in the user's intent and grant access to the queried sensitive data.
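The following is an added illustration, not code from the patent: a minimal adaptive authentication engine in which a stand-in fraud/genuine classifier scores a login attempt against the user's historical record (typical hours, known locations, known devices), and that score, together with the user's role, selects the factors the login must satisfy, with a challenge applied only to risky attempts. The weights, thresholds, field names and the sample user history are assumptions constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LoginAttempt:
    user: str
    hour: int        # local hour of day, 0-23
    location: str    # coarse location, e.g. country code
    device_id: str   # device fingerprint presented by the client

@dataclass(frozen=True)
class UserHistory:
    typical_hours: frozenset   # hours at which this user normally logs in
    known_locations: frozenset
    known_devices: frozenset
    role: str                  # "standard" or "admin" (access privileges)

def risk_score(attempt: LoginAttempt, history: UserHistory) -> int:
    """Stand-in for the fraud/genuine classifier: each deviation from the
    user's historical record adds weight; 0 means the login looks typical."""
    score = 0
    if attempt.hour not in history.typical_hours:
        score += 1   # unusual time of day is weak evidence on its own
    if attempt.location not in history.known_locations:
        score += 2   # new location is stronger evidence
    if attempt.device_id not in history.known_devices:
        score += 2   # unknown device fingerprint is stronger evidence
    return score

def required_factors(attempt: LoginAttempt, history: UserHistory) -> list:
    """Map risk plus user context to the factors this login must satisfy."""
    score = risk_score(attempt, history)
    factors = ["password"]
    if score >= 2 or history.role == "admin":
        factors.append("device_fingerprint")   # step up for risk or privilege
    if score >= 4:
        factors.append("challenge")            # risky transaction: challenge it
    return factors

def authenticate(attempt: LoginAttempt, history: UserHistory, presented: set) -> bool:
    """Grant access only when every required factor was satisfied."""
    return all(f in presented for f in required_factors(attempt, history))

# Constructed sample history for a hypothetical user (assumption, not from the patent).
ALICE = UserHistory(frozenset(range(8, 19)), frozenset({"US"}), frozenset({"dev-1"}), "standard")

if __name__ == "__main__":
    for a in (LoginAttempt("alice", 9, "US", "dev-1"),
              LoginAttempt("alice", 3, "RO", "dev-9")):
        print(a, "->", required_factors(a, ALICE))
```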
Existing authentication systems typically aim to ensure that data is available only to those entities that are authorized to obtain it. Privacy goals, however, also require that even authorized entities be constrained in how they use the data. A Mediated Privacy (MP) model has been proposed to grant access to sensitive data for specific types of usage, such as allowing filtered queries or selective data transfer. See, e.g., John Linn, “On Technology and Internet Privacy,” IAB/W3C/ISOC/CSAIL Internet Privacy Workshop, Cambridge, Mass. (December 2010), or John Linn, “Technology and Web User Data Privacy: A Survey of Risks and Countermeasures,” IEEE Security & Privacy 3(1): 52-58 (2005). The Mediated Privacy (MP) model, however, still provides access to at least portions of the sensitive data itself.
A need remains for access control systems that mediate access to derivatives of sensitive data.