*[-IAM, RRT]* Apart from the business transaction value, following factors can be considered for risk calculation.
1. Environment - IP, network, geographical location, time of the day, device/OS/Device fingerprinting 2. Context - Previous successful login time, consecutive invalid login attempts followed by a successful attempt 3. User behavior - typing speed, etc. Regards, Johann. On Mon, Jan 15, 2018 at 4:50 PM, Pamoda Wimalasiri <[email protected]> wrote: > Hi all, > > I'm currently working on a risk score calculation method for the > authentication request of IAM. I'm still doing the background research on > the behavior of other similar approaches [1] and the technologies that can > be used. > > According to my research, the risk score can be calculated based on > parameters such as > > - IP address > - Geographical location > - Authentication history > - Time of day > > In existing approaches, the total level of risk is calculated by the sum > of weighted scores of each parameter. > > Any suggestions are highly appreciated. > > [1] https://backstage.forgerock.com/docs/am/5.5/ > authentication-guide/index.html#authn-adaptive > > Thanks, > Pamoda > -- > > *Pamoda Wimalasiri* > Software Engineer - WSO2 > > Email : [email protected] > Mobile : +94713705814 <+94%2077%20936%207571> > Web : https://wso2.com/ > > -- *Johann Dilantha Nallathamby* Senior Lead Solutions Engineer WSO2, Inc. lean.enterprise.middleware Mobile: *+94 77 7776950* LinkedIn: *http://www.linkedin.com/in/johann-nallathamby <http://www.linkedin.com/in/johann-nallathamby>* Medium: *https://medium.com/@johann_nallathamby <https://medium.com/@johann_nallathamby>* Twitter: *@dj_nallaa*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
