Model for analysing Anti-Phishing Authentication Ceremonies
Author: | Fred Mtenzi, Brendan O'Shea, Edina Hatunic-Webster |
---|---|
Year of publication: | 2014 |
Subject: | World Wide Web; Challenge-Handshake Authentication Protocol; Computer science; Authentication protocol; Network Access Control; Lightweight Extensible Authentication Protocol; Email authentication; Multi-factor authentication; Challenge–response authentication; Computer security; computer.software_genre; computer; Phishing |
Source: | ICITST |
DOI: | 10.1109/icitst.2014.7038795 |
Description: | Phishing takes advantage of the way humans interact with computers or interpret messages; and also that many online authentication protocols place a disproportional burden on human abilities. A security ceremony is an extension of the concept of network security protocol and includes user interface and human-protocol interaction. It is one way of extending the reach of current methods for social, technical and contextual analysis of security protocols to include humans. In this paper, we propose a Human Factors in Anti-Phishing Authentication Ceremonies (APAC) Framework for investigating phishing attacks in authentication ceremonies, which builds on The Human-in-the-Loop Security Framework of communication processing. We show how to apply the APAC framework to model human-protocol behaviour. The resulting Model for Analysing APAC correlates the framework components and examines how the authentication tasks required to be performed by humans influence their decision-making and consequently their phishing detection. |
Database: | OpenAIRE |