The simple definition of an event is the result of something happening. The simple definition of a process is series of actions or operations conducing to an end. Seeing a butterfly is an event, while understanding how a caterpillar metamorphizes into a butterfly is a process. For decades, people have made decisions based on either an event or a process. There is also a corollary to how cybersecurity solutions authenticate user credentials.
Continuous Versus Binary
Authentication solutions started out with the simple premise of keeping the bad guys out of secure perimeters (i.e. networks, applications, cloud services, etc). This binary (event-driven) approach assumed that once identified a valid credential that it couldn’t be used to do malicious things inside the perimeter. It turns out that this premise was pretty far from the actual truth. Thus, the requirement for continuous (process-driven) authentication was born.
A CSO Magazine article titled “Continuous authentication: Why it’s getting attention and what you need to know” quotes an IDC Security Products Research Director describing continuous authentication as being:
“Continuous authentication is form of dynamic, risk-based authentication, [which] changes the perspective of authentication from an event to a process,” says Frank Dickson, a research director within IDC's Security Products research practice.
“Dynamic, risk-based authentication examines attributes that change and continually looks to validate the authentication,” Dickson says. Currently, most of the use cases for this type of authentication are based on analyzing the manner in which a person interacts with a device such as a smartphone or notebook, he says.
The primary idea is that authentication takes place throughout the entire time a user is accessing a network or using an application instead of just upon startup. These technologies work transparently in the background, analyzing how users behave. Things like the way a user types on the keyboard, how quickly they move between the keys, how long they press a key, and how they swipe on mobile devices, are tracked and used as part of the process instead of relying on a single event.
This analysis of user behaviors can deliver an extremely high likelihood that a particular user is the person they claim to be. Given that everyone acts in unique ways when working at a keyboard or other access device, this becomes a form of immutable identity authentication.
You should also check out what we’ve written on continuous authentication and what it can do for your business here. But just relying on a continuous solution is not enough. You should also combine continuous with risk-based (i.e. process-driven) for a more complete solution.
Process Versus Event-Driven
We have written previously on the vulnerabilities of passwords, and the need to develop and use alternative methodologies and technologies that avoid further password reuse and fatigue. Understanding that the best solution takes a process versus an event-driven approach, CISOs are now looking to risk-based authentication solutions. According to Wikipedia risk-based authentication is
“a non-static authentication system which takes into account the profile of the agent requesting access to the system to determine the risk profile associated with that transaction. The risk profile is then used to determine the complexity of the challenge. Higher risk profiles lead to stronger challenges, whereas a static username/password may suffice for lower-risk profiles. Risk-based implementation allows the application to challenge the user for additional credentials only when the risk level is appropriate.”
Combining both a continuous and risk-based approach to authentication is best exemplified by continuous cognitive authentication solutions.
Cognitive Continuous Authentication
Acceptto’s eGuardian engine continuously creates, and monitors user behavior profiles based on the user interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.
Check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.