Embodiments generally relate to computing device security. More particularly, embodiments relate to facilitating varied device access based on authentication scoring.
Computing device security can be a concern in a wide variety of user-based contexts such as electronic commerce (e-commerce), online banking, business to business (B2B) transactions, and so forth. Developments in multi-factor authentication (MFA) may provide for the use of multiple authentication interfaces, devices and/or sensors (e.g., “factors”) such as password entry interfaces, smart cards and one time password (OTP) transceivers to increase confidence in the user authentication process. Accordingly, MFA policies may be developed based on first order Boolean logic, where the combination of factors are governed by AND, OR and NOT operators on sets of factors.
The range of possible factors is typically not fixed, however, because device innovation can drive the creation of new factor types. As a result, updating MFA policies can present significant administrative and processing overhead challenges, particularly when many different computing nodes and/or service providers involved in providing services to client devices each have different administrative authority. Indeed, the lack of a universal policy language to express MFA policies may lead to the use of multiple different languages (e.g., XACML/eXtensible Access Control Markup Language, Javascript, HTML/Hypertext Markup Language, JSON/Javascript Object Notation) to encode MFA policies for consumption by a broad spectrum of computing nodes and service providers. Such an approach may further increase administrative and processing overhead.