CPC H04L 63/105 (2013.01) [G06N 20/00 (2019.01); H04L 63/0876 (2013.01); H04L 63/20 (2013.01)]
20 Claims
1. A computer-implemented method executed by an identity provider device, the computer-implemented method comprising:
receiving, from a service provider device associated with a service provider, a request for authentication of an access request associated with a client device;
selecting, from a plurality of custom access policies associated with a plurality of service providers, a custom access policy associated with the service provider, wherein the selected custom access policy indicates one or more types of device signals to use in determining a device trust score and indicates a plurality of access levels associated with the service provider, the plurality of access levels including at least a limited access level and a full access level;
receiving, from the client device, one or more device signals associated with one or more characteristics of the client device;
selecting, from the received one or more device signals and based on the one or more types of device signals indicated in the selected custom access policy, at least one device signal associated with at least one characteristic of the client device to use to determine the device trust score;
determining, using a machine learning model that receives the selected at least one device signal associated with the at least one characteristic of the client device as input, the device trust score for the client device;
generating, based at least in part on the device trust score, an authentication response for determining an access level, of the plurality of access levels, associated with access to one or more services of the service provider by the client device; and
providing, to the service provider device, the authentication response.
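The flow recited in claim 1, as an added Python sketch that is not taken from the patent. The policy names, signal names, weights, thresholds, the logistic function standing in for the machine learning model, and the "deny" outcome are all assumptions made for illustration.

```python
import math

# Constructed custom access policies, one per service provider (hypothetical names).
# Each names the device-signal types to score and the minimum score per access level.
POLICIES = {
    "sp-payroll": {"signal_types": {"os_patched", "disk_encrypted", "screen_lock"},
                   "levels": [(0.8, "full"), (0.5, "limited")]},
    "sp-wiki": {"signal_types": {"os_patched"},
                "levels": [(0.6, "full"), (0.3, "limited")]},
}

# Stand-in for the machine learning model: logistic regression, constructed weights.
WEIGHTS = {"os_patched": 1.5, "disk_encrypted": 1.2, "screen_lock": 0.8}
BIAS = -1.0


def select_signals(policy, received):
    """Keep only received signals whose type the selected policy lists."""
    return {k: v for k, v in received.items() if k in policy["signal_types"]}


def trust_score(signals):
    """Map the selected signals to a score in (0, 1)."""
    z = BIAS + sum(WEIGHTS[k] * float(v) for k, v in signals.items())
    return 1.0 / (1.0 + math.exp(-z))


def authenticate(sp_id, received):
    """Build the authentication response returned to the service provider."""
    policy = POLICIES.get(sp_id)
    if policy is None:
        return {"sp": sp_id, "access_level": "deny", "reason": "no policy"}
    used = select_signals(policy, received)
    if not used:  # fail closed: nothing the policy asks for was reported
        return {"sp": sp_id, "access_level": "deny", "reason": "no usable signals"}
    score = trust_score(used)
    # "deny" below the lowest floor is an assumption; the claim names limited and full.
    level = next((name for floor, name in policy["levels"] if score >= floor), "deny")
    return {"sp": sp_id, "score": round(score, 3),
            "signals_used": sorted(used), "access_level": level}


if __name__ == "__main__":
    device = {"os_patched": True, "disk_encrypted": False, "jailbroken": True}  # constructed
    for sp in POLICIES:
        print(authenticate(sp, device))
```

Because only policy-listed signal types reach the model, the constructed `jailbroken` signal has no effect on either response, and the same device is scored to different access levels by the two policies.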