Patent classifications
H04L2463/082
Dynamic access evaluation and control system
Systems for dynamically evaluating and controlling access to applications and systems are presented. In some examples, registration data may be received. In some examples, unauthorized activity data may be received. The unauthorized activity data may be analyzed to identify one or more vulnerable applications. Users of the one or more vulnerable applications may then be identified. Entitlements for the one or more vulnerable applications may be identified and, in particular, entitlements having privileged access may be identified. Users having entitlements with privileged access may be identified and one or more modified authentication requirements may be implemented.
Systems and methods for using a unique routing indicator to connect to a network
In some implementations, a device of a network may receive, from a user equipment (UE), a request associated with enabling the UE to access a network, wherein the request includes a first routing indicator. The device may identify an authentication manager, of the network, that is mapped to the first routing indicator in an entry of a routing table of the network. The device may route the request to the authentication manager of the network to permit the authentication manager to authenticate the UE. The device may purge, based on the request being routed to the authentication manager, the entry to remove the first routing indicator from the routing table. The device may store, after purging the entry, a second routing indicator in the entry to map the second routing indicator to the authentication manager, wherein the second routing indicator is different from the first routing indicator.
Information Sending Method and Apparatus, Terminal Device, and System
An information sending method includes receiving, by a first application, request information sent by a second application, where the request information carries association information of the second application, the first application is running in a first operating system, the second application is running in a second operating system, the first operating system includes a first network interface, and the second operating system includes a second network interface. The method also includes receiving, by the first application, a first message from an external network by using the first network interface; and extracting, by the first application, first information from the first message according to the association information of the second application, and sending the first information to the second application, so that the second application sends, by using the second network interface, the first information to an application server corresponding to the second application.
DETECTION OF BUSINESS EMAIL COMPROMISE
Detecting scam is disclosed. A sender, having a first email address, is associated with a set of secondary contact data items. The set of secondary contact data items comprises at least one of a phone number, a second email address, and an instant messaging identifier. It is determined that an email message purporting to originate from the sender's first email address has been sent to a recipient. Prior to allowing access by the recipient to the email message, it is requested, using at least one secondary contact item, that the sender confirm that the email message was indeed originated by the sender. In response to receiving a confirmation from the sender that the sender did originate the email message, the email message is delivered to the recipient.
Multi-Factor Authentication with Increased Security
A multi-factor authentication method and system is provided such that a push notification during an authentication process is only received if a mobile device and user are authenticated prior to receiving the push notification. Either the mobile device itself or a second device sending the push notification may be programmed to either reject or not forward the authentication request. Additionally, using the method of the present invention, enhanced security is provided by requiring the location of the mobile device and the second device to be approximately in the same geographical location.
Authentication in a virtual reality environment
This disclosure provides methods and systems for performing authentication in a virtual reality environment. In some implementations, the system receives a request for access to a virtual reality financial center requiring authentication from a user. The system can collect user identification information that identifies the user and verification information required to verify the user's identity via a virtual reality platform.
MONITORING USER AUTHENTICITY IN DISTRIBUTED SYSTEM
Systems and methods for monitoring user authenticity during user activities in a user session on an application server are provided. The method is carried out in a distributed manner by a distributed server system. The method comprises a user-modeling process and a user-verification process. The user-modeling process is performed on a user-model server in which a user model is adapted session-by-session to user activity data received from the application server. The user-verification process is performed on the application server on the basis of the user model adapted on the user-model server. The user-verification process comprises comparing the user model with features extracted from user activity in the user session on the application server and determining a total risk-score value based on the comparison. If the total risk-score value is greater than a given threshold, a corrective action is performed.
MONITORING USER AUTHENTICITY
Systems and methods for monitoring user authenticity according to user activities on an application server. A user-modeling process and a user-verification process are performed. In the user-modeling process, a user model is adapted session-by-session to user activities in which the user model includes a plurality of adaptive feature-specific user-behavior models. The user-verification process includes determining a plurality of feature-specific risk-score values, comparing the at least one of the adaptive feature-specific user-behavior models with a respective feature extracted from user activity in the user session on the application server, and determining a total risk-score value indicative of user authenticity by weighting and combining the plurality of feature-specific risk-score values. If the total risk-score value is greater than a given threshold, a corrective action is performed.
CONNECTION RESILIENT MULTI-FACTOR AUTHENTICATION
A first authenticator payload is obtained that includes a first authenticator random value. A first authenticator encrypted file is generated with an authenticator public key that is related to a client authenticator application. The first authenticator encrypted file is generated based on a first cryptographic algorithm. The first authenticator encrypted file includes the first authenticator payload. A first target payload is obtained that includes a first target random value. A first target encrypted file is generated with the first authenticator random value. The first target encrypted file is generated based on a second cryptographic algorithm. The first target encrypted file includes the first target payload.
AUTHENTICATION OF INTELLIGENT ELECTRONIC DEVICES (IEDS) USING SECURE ASSOCIATION KEYS (SAKS)
An intelligent electronic device (IED) includes memory and a processor operatively coupled to the memory. The processor is configured to establish, over a communication network of a power system, a communication link according to a media access control security (MACsec) Key Agreement (MKA). The IED receives a plurality of access control secure association keys (SAKs) via the communication link. The IED receives one or more checked-out SAKs indicating a request to access the IED. The IED allows access based on the one or more checked-out access control SAKs matching at least one of the plurality of access control SAKs.