Abstract: In an example, a method includes determining an operating environment of a device based on sensor data from a sensor of the device that senses surroundings of the device. Access to a resource may be controlled based on the operating environment and a status of a security feature of the device.

Abstract: A method for monitoring access to a user account comprises receiving a user account login status from a target service in response to a user login request, comparing the user account login status with an expected status value at a user apparatus, and on the basis of the comparison, performing at least one of: synchronising the status value at the user apparatus with the user account login status from the target service, and executing a user login update process at the user apparatus.

Abstract: Examples associated with user authentication are described. One example system includes a set of authentication modules. A data store stores data describing disruption ratings of members of the set of authentication modules. A user confidence module maintains a confidence rating that a current user of a device is an authenticated user of the device. The confidence module controls execution of the authentication modules based on the confidence rating and on the disruption ratings of the authentication modules. The user confidence module controls execution of relatively less disruptive authentication modules when the user confidence module is confident that the current user of the device is the authenticated user of the device. The user confidence module maintains the confidence rating based on feedback received from authentication modules.

Abstract: In one example in accordance with the present disclosure, a computing device is described. The computing device includes an encryption device to encrypt, using an encryption key, a document to be rendered. A generating device generates multiple shares of a decryption key using a secret-sharing scheme. A threshold number of the multiple shares allows decryption of the document. A transmit device transmits different shares of the multiple shares to different devices. The document is rendered when the threshold number of multiple shares are rejoined at a rendering device.

Abstract: A system and method for authentication are described herein. An authentication request is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . , 330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . , 330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.

Abstract: Examples associated with user authentication are described. One example system includes a set of authentication modules. A data store stores data describing disruption ratings of members of the set of authentication modules. A user confidence module maintains a confidence rating that a current user of a device is an authenticated user of the device. The confidence module controls execution of the authentication modules based on the confidence rating and on the disruption ratings of the authentication modules. The user confidence module controls execution of relatively less disruptive authentication modules when the user confidence module is confident that the current user of the device is the authenticated user of the device. The user confidence module maintains the confidence rating based on feedback received from authentication modules.

Abstract: In one example in accordance with the present disclosure, a computing device is described. The computing device includes an encryption device to encrypt, using an encryption key, a document to be rendered. A generating device generates multiple shares of a decryption key using a secret-sharing scheme. A threshold number of the multiple shares allows decryption of the document. A transmit device transmits different shares of the multiple shares to different devices. The document is rendered when the threshold number of multiple shares are rejoined at a rendering device.

Abstract: A method for location-based authentication of a device comprises receiving multiple device location fingerprints generated using respective ones of multiple device sensors, comparing the device location fingerprints with corresponding respective environment fingerprints generated using respective ones of multiple static sensors and generating a token for the device to authorise it to use one or more selected services.

Abstract: Examples associated with distributed authentication are described. One example includes generating a paired public key and private key associated with a user. The private key is split into a set of shares, which are distributed to a set of devices associated with the user. A challenge is generated to authenticate the user to grant the user access to a resource upon receiving an authenticating response to the challenge. The challenge is distributed to members of the set of devices. Partial responses are received from members of the set of devices and combined into a group signature. The group signature serves as an authenticating response to the challenge when generated from partial responses received from a threshold number of members of the set of devices.

Abstract: A method for monitoring access to a user account comprises receiving a user account login status from a target service in response to a user login request, comparing the user account login status with an expected status value at a user apparatus, and on the basis of the comparison, performing at least one of: synchronising the status value at the user apparatus with the user account login status from the target service, and executing a user login update process at the user apparatus.

Abstract: Examples associated with distributed authentication are described. One example includes generating a paired public key and private key associated with a user. The private key is split into a set of shares, which are distributed to a set of devices associated with the user. A challenge is generated to authenticate the user to grant the user access to a resource upon receiving an authenticating response to the challenge. The challenge is distributed to members of the set of devices. Partial responses are received from members of the set of devices and combined into a group signature. The group signature serves as an authenticating response to the challenge when generated from partial responses received from a threshold number of members of the set of devices.

Abstract: A system and method for authentication are described herein. An authentication downrequest is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . , 330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . , 330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.

Abstract: In an example, a method includes determining an operating environment of a device based on sensor data from a sensor of the device that senses surroundings of the device. Access to a resource may be controlled based on the operating environment and a status of a security feature of the device.

Abstract: A system and method for authentication are described herein. An authentication request is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . , 330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . , 330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.

Abstract: A system and method for authentication are described herein. An authentication request is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . ,330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . ,330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.

Abstract: Examples associated with distributed authentication are described. One example includes generating a paired public key and private key associated with a user. The private key is split into a set of shares, which are distributed to a set of devices associated with the user. A challenge is generated to authenticate the user to grant the user access to a resource upon receiving an authenticating response to the challenge. The challenge is distributed to members of the set of devices. Partial responses are received from members of the set of devices and combined into a group signature. The group signature serves as an authenticating response to the challenge when generated from partial responses received from a threshold number of members of the set of devices.

Abstract: A system and method for authentication are described herein. An authentication request is received at a combiner proxy (350). The combiner proxy (350), is arranged to receive a user authentication request, receive one or more share values from one or more communications devices (330A, . . . ,330N) where each of the communications devices (330A, . . . 330N) stores at least one share value of a set of share values and determine if one or more share values that have been received from the communications devices (330A, . . . ,330N) meet a quantitative criteria. The combiner proxy (350) is arranged to authenticate the user if the received share values meet the quantitative criteria.