Question

How to continuously prove the identity of the user when they perform sensitive operations?

Context

In current cloud environment there is no continuous control over user activities once user is authenticated. If an attacker is able to hack an account, he can do whatever he wants on both user and system resource. Controlling user activities during usage session is important in some use cases (e.g. smart home, healthcare) in order to prevent or minimise the damage that might happen as the result of account hacking. With continuous control, system can react on time to the abnormal activities done or being done by user.

Solution

The solution is to develop the intelligent usage control tools monitoring the usage activities of user from the start till the end of usage session. The tools must work in the background and be intelligent enough to detect any abnormal activities and prevent user from making further damage if abnormal activities are detected.

References

What is Cloud Identity Management? - jumpcloud.com

Identification, Authentication and Authorisation Navigation