Authentication Systems
Novel Authentication Methods on Smartphones
Research methodology
Focus Groups
Topics
The Perceived Importance of Mobile Phones in Everyday Life
Alternatives to PIN-based Authentication
Demonstration of Different Authentication Methods
Fingerprint Authentication: patterns of the human fingertip
3D Gesture Recognition: authenticate through gestures made in “free air”
Retina Scan: authentication through scanning the human eye
Activity Based Verification: based upon password authentication
2D Gesture Recognition: authentication through a gesture drawn on the PC touchpad
Recognition Based Authentication: through selecting points on a picture in a specific order
Speaker Recognition: recognition of the speaker’s voice
Face Recognition: authentication based on the recognition of the user’s face
Evaluation of the Data Obtained
All focus group sessions were recorded both on audio and video
result and findings
Focus Group Results
Evaluation of graded Security Concept
gradual security was perceived as useful by all
Evaluation of Authentication Methods
Fingerprint Authentication:
acceptance of 89%
willingness of use of 95%
Quantitative Cross-validation
n = 308 participants: 45% female, 55% male
Fingerprint Authentication by rate 75
2D and 3D authentication by rate 5
conclusion
gradual security is a useful concept
gradual security improves the security of data stored on phones
PIN does not sufficiently protect data
combining a gradual security is not approval
Focus & Goals: addresses laboratory tests regarding a graded security system on smartphones based on novel authentication methods
Usable Authentication Systems for Real-Time Web-based A/V Communications
scenarios:
Unregistered user
Unregistered user with CAPTCHA
Isolated scenario
Federated scenario
Isolated or Federated scenario
Isolated with federated scenario as support
Usability analysis
Indicators
User preferences
Learnability
Speed
Efficiency
Memorability
Accessibility
Levels
No usability
Medium usability
High usability
Full usability
Not applicable
Low usability
ranking
1- Guest scenario
2- Isolated or Federated
3- Federated
4- Isolated
5- Isolated with CAPTCHA
6- Isolated with Federated
Suggested scenario based on usage
Allowing an unknown user
Guest scenario
Allowing only known users
minimal authentication
Isolated or Federated
high authentication
Isolated with Federated
Other Considerations
User Authentication Method using Topographical Information of Google Maps
Preconditions of the learning model
Web-based training
The examination location is restricted
The question changes each time
Distance learning
Our authentication system
Requirements
A personal computer for learning
Cell telephone to check location
Steps
convert the learning location of a student into location information
A user tries a logon. The system checks the ID and password, and then it shows a URL and a session ID (SID)
The user reads a QR code with the camera of a mobile telephone and accesses the web with location information
The system compares the registered location of the student with the location indicated by the mobile
If the location difference exceeds the limits, the system performs a thorough judgment using Google Maps
When the authentication is confirmed, the system displays “OK”
The user is permitted a logon
proposed scheme
Activate a logon at a particular location
Identify a user's location
Uses the location information on a cell phone
Authentication system judges
The authentication system accesses Google Maps using the address of the user
It acquires the topographical information as a bitmapped image
The system paints the fill area of the address
Authentication is permitted when the circle of the location information from the mobile phone overlaps with the painted fill area
Secure Mobile Solution for Passwords
types of adversaries
Cloud adversary
Server adversary
Device adversary
keep passwords safe
Password managers
passwords are stored locally on the user’s computing device
user passwords are stored online on third-party cloud
passwords are stored on either user phones or dedicated USB devices
proposed scheme: Sesame
Each password is encrypted with a new fresh key on the user's mobile device
combines all different methods of user authentication to create a more robust digital vault for personal data
The keys are stored in our servers
user can back up the encrypted passwords
user only needs to utter the name
biggest advantage
the user need not place any trust in either our servers or any cloud storage
no need to enter a master password every time since speaker recognition is used
authentication key K1
encryption key K2
Results
true positive rate (TPR) ≈ 1
false positive rate (FPR) ≈ 0
threshold θ = 0.6
Secure Authentication Scheme using personal devices
Main components of our system
System Model
Server
Client side
Registered devices
User’s terminal
Threat Model
semi-honest model
Design Goals
Security
Verification
Correctness
Authentication Protocol Description
Session Tickets
one-time username OTU
session key k
ticket validity period TVP
timestamp T
access control list ACL
The Proposed Protocol
Cryptographic parameters
Elliptic curve cryptography:
registered device holds its public key and private key
server generates public key and private key
Advanced Encryption Standard
Description
ticket ACL
ticket validity period TVP
consist of:
Algorithm 1
provides the details
Algorithm 2
describes the decryption and verification of the ticket information
Algorithm 3
used by the server to verify the user
Algorithm 4
employed by the user to decrypt the verification code
Security result
resists:
Phishing Attacks
Password-Related Attacks
Shoulder-Surfing Attacks
Client Request Protection
Server Response Protection
One-Time Pad Property
Limitations
which require both a secure execution environment on smartphones and an underlying security architecture
Performance Evaluation
A. Communication Overhead
144 × N × m
B. Computational Overhead
n_r × (3.98 + 8.53) = 12.51 n_r ms