Abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a first machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant. The method further including, in response to a determination that a subsequent behavior is classified as non-compliant, accessing a second machine learning classifier trained based on at least one prior behavior of the user using the device where the prior behavior is classified as non-compliant by the first classifier. The method further including, in response to a determination that the subsequent behavior is classified as non-compliant by the second classifier, requesting a credential-based authentication of the user and constructively training one of the machine learning classifiers based on the credential-based authentication result.

Abstract: A computer implemented method for authenticating a user, the method including receiving an authentication request from a first computer system, the authentication request including an indication of an identity of the user to be authenticated; receiving one or more authentication factors for verifying the identity of the user, the one or more authentication factors including at least one authentication factor obtained from a second computer system associated with the user having the indicated identity; receiving an auxiliary authentication factor, the auxiliary authentication factor comprising data for verifying that the second computer system is currently in the possession of the user having the indicated identity; and verifying the identity of the user based on the one or more authentication factors and the auxiliary authentication factor.

Abstract: A computer implemented method of adapting a configuration of a software defined network to improve a measure of network performance towards an objective measure of performance, the network including a plurality of network nodes communicating via the network, the method including each node applying an evolutionary algorithm to generate a candidate adjusted configuration for the network and, responsive to a determination that the candidate provides an improvement to the measure of network performance, the node storing the candidate in a distributed database accessible to the nodes for access by other nodes; each node accessing candidate adjusted configurations in the distributed database and determining a performance of the network provided by each accessed candidate, wherein each node records the determined performance provided by a candidate in the database in association with the candidate, such that a candidate adjusted configuration providing a greatest improvement to the measure of network performance is

Abstract: A method of pairing a user device with a remote system. The user device communicates with an intermediary device via a secure communication channel to cause a secret key generated by the remote system to be received by the user device, from the intermediary device. The secret key is thereby assigned to the user device. The user device establishes communication with the remote system to pair the user device with the remote system using the secret key, such that data sent from the user device to the remote system is encrypted using the secret key and data received by the user device from the remote system is decrypted using the secret key.

Abstract: There is provided a computer implemented method for accessing a resource at a computing device, as well as for controlling access to a resource by a computing device. The computing device receives a policy indicating a set of conditions under which access to the resource is permitted, determines whether each of the conditions are initially present based on an output of one or more sensors of the device, and monitors the one or more sensors to detect a change in the presence of one or more of the conditions. In response to detecting the change in the presence of one or more of the conditions, the computing device determines whether each of the conditions are present. In response to determining that each of the conditions is present, access to the resource is enabled. If at least one of the conditions is not present, access to the resource is prevented.

Abstract: Computer implemented methods for enrolling a user as an authenticated user of a computing device and for authenticating a user of a computing device are provided. The methods make use of behavioral biometrics to determine a set of shares that represent a secret credential according to a secret sharing scheme. The set of shares is initially determined when the user is enrolled based on typical measurements of the user's behavioral biometrics and authentication data indicating how to generate the set of shares from a user's behavioral biometrics is generated. When authenticating the user, the computing device can generate the set of shares based on the authentication data and measurements of the current user's behavioral biometrics. The computing device can use the generated set of shares to recreate a copy of the secret credential with which to authenticate the user.

Abstract: A computer implemented method of access control for a user device having at least one component for determining behaviours of the user, the method comprising: defining a training period during which access to the device is determined based on a credential-based authentication scheme wherein each access determination is used to generate an item of training data including at least a result of the credential-based authentication and a behaviour of the user; training a machine learning classifier based on the training data such that the classifier is operable to classify user behaviour as compliant or non-compliant such that compliant behaviour is determined by the classifier to be consistent with prior behaviour for permitting access to the device subsequent to the training period; and responsive to a determination that a behaviour subsequent to the training period is classified as non-compliant, requesting a credential-based authentication of the user and permitting access to the device in response to the crede

Abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant such that compliant behavior is determined by the classifier to be consistent with prior behavior for permitting access to the device. The method further includes, in response to a determination that a subsequent behavior is classified as non-compliant, requesting a credential-based authentication of the user and permitting access to the device in response to the credential-based authentication, wherein permitting access to the device further includes constructively training the classifier based on the subsequent behavior as a compliant behavior by providing the subsequent behavior as an additional training example.

Abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a first machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant. The method further including, in response to a determination that a subsequent behavior is classified as non-compliant, accessing a second machine learning classifier trained based on at least one prior behavior of the user using the device where the prior behavior is classified as non-compliant by the first classifier.