Abstract: A method of dynamic adaptive authentication includes receiving a request from a user to access a resource of a network and determining whether the resource is protected. In response to determining that the resource is protected, a dynamic authentication chain is generated. The dynamic authentication chain includes a plurality of authentication schemes that are arranged in a particular order. The method also includes challenging the user with the dynamic authentication chain and receiving a set of credentials from the user based at least in part on the particular order of the dynamic authentication chain. The method includes determining whether the set of credentials satisfies the dynamic authentication chain. In response to determining that the set of credentials satisfies the dynamic authentication chain, the user is authenticated.

Abstract: Techniques are disclosed relating to assessing the container-readiness of a software application. In some embodiments, a computer system performs an assessment of the container-readiness of a software application relative to a specified containerization procedure. The assessment may be based on a plurality of parameters associated with the software application. In some embodiments, the assessment includes parsing program code associated with the software application to determine, for one or more static parameters, corresponding static parameter scores. The assessment may further include analyzing runtime information corresponding to the software application to determine a runtime parameter score for at least one runtime parameters. Further, the assessment may include generating a container-readiness value for the software application based on the runtime parameter score and the static parameter scores.

Abstract: A multifactor authentication system is implemented to enable interactive access to a secure application. A request to access a secure application can be received via a client device which can initially perform a credential exchange with a server associated with the secure application. Based on an indication that a credential exchange is valid, a secondary authentication request can to be sent to the client device to initiate multifactor authentication. An authentication check issued by an entity associated with the secure application can be scanned at the client device to, and an identification indicator associated with the authentication check and/or a signature of a user of the client device can be extracted. The identification indicator and the signature can be verified or otherwise authenticated, and access to the secure application via the client device can be enabled.

Abstract: To increase the effectiveness of push authentication, a push authentication can be augmented with another authentication factor. A push authentication can be augmented with the “what you know” factor, effectively merging the “what you know” factor into the “what you have” factor. Using a collection of “what you know” factor queries (e.g., knowledge-based questions), an authentication server can select a subset of the “what you know” factor queries and incorporate the selected one or more factor queries into a message that conveys the push authentication notification.

Abstract: A secure protocol has been developed that reduces the number of transactions associated with multifactor authentication (MFA) systems. An identity provider determines authentication factors which satisfy an application assurance level and constructs a credential collection file with input elements corresponding to the determined factors. The identity provider communicates the file to a client for collection of corresponding credentials. After submission of credential data, the collected set of credentials or credential data (“MFA credential set”) is returned to the identity provider for verification. The identity provider does not redirect to the client for additional transactions until after verifying the MFA credential set. In addition to reducing MFA communication overhead for a client, the credential collection file is based on a structure or schema that can be edited to adapt to changes in assurance level and authentication mechanisms.

Abstract: A method of dynamic adaptive authentication includes receiving a request from a user to access a resource of a network and determining whether the resource is protected. In response to determining that the resource is protected, a dynamic authentication chain is generated. The dynamic authentication chain includes a plurality of authentication schemes that are arranged in a particular order. The method also includes challenging the user with the dynamic authentication chain and receiving a set of credentials from the user based at least in part on the particular order of the dynamic authentication chain. The method includes determining whether the set of credentials satisfies the dynamic authentication chain. In response to determining that the set of credentials satisfies the dynamic authentication chain, the user is authenticated.