In a network environment, devices are in data communication with other devices that may be physically distributed anywhere in the world. One of the technical challenges that occurs in a network environment deals with authenticating users and user devices to protect the system and network from data leakage, unauthorized access, and/or other malicious activities. For example, bad actors may attempt to perform malicious activities over the network such as data exfiltration or fraud.
Conventional systems use a fixed predetermined set of authentication rules for authenticating users. The number of authentication rules and type of authentication rules are fixed and set by the authenticating device. Modern networks include a wide variety of network devices with different types of functionality. Some devices may limit a user's ability to perform certain types of actions that may be necessary for satisfying one or more authentication rules. For example, an authentication rule may require some kind of biometric test, but the user's device may not have the ability to perform any kind of biometric test. Using a rigid set of authentication rules limits conventional systems and does not provide the flexibility to support a wide variety of devices with different types of functionality. Thus, it is desirable to provide a solution that offers flexible authentication that supports a variety of devices to provide increased network security.