Overview of context-based access
Context-based access provides access decision and enforcement based on a dynamic risk assessment or confidence level of a transaction. Context-based access uses behavioral and contextual data analytics to calculate risk.
- Improves security during authentication and authorization of business transactions.
- Assesses risk based on static, contextual, and analytically calculated attributes.
- Calculates a risk score based on multiple weighted attributes.
- Provides policy rules that determine whether an access request must be permitted, denied, or challenged.
We can configure context-based access to:
- Silently register or require users to register commonly used devices.
- Associate the registered devices with user credentials.
- Present a challenge or request additional authentication, if the user attempts to authenticate with the same credentials from another unregistered device.
- Enforce specific authentication mechanisms to access a particular protected resource.
- Use the behavioral patterns of the user as a factor in risk score calculation. For example, a user might attempt to access a protected resource at a time outside of normal business hours. We can configure the context-based access policy to deny access or force the user access to authenticate with a secondary challenge.
See also
Parent topic: Advanced Access Control administration