Short paper
Autor: | Ling Huang, Mario Frank, Ian Timothy Fischer, Cynthia Kuo |
---|---|
Rok vydání: | 2012 |
Předmět: |
020203 distributed computing
Authentication business.industry Computer science 020206 networking & telecommunications Context (language use) Usability 02 engineering and technology Computer security computer.software_genre Sketch Threat model 0202 electrical engineering electronic engineering information engineering Wireless Security community business computer Mobile device |
Zdroj: | SPSM@CCS |
DOI: | 10.1145/2381934.2381941 |
Popis: | Today's mobile devices are packed with sensors that are capable of gathering rich contextual information, such as location, wireless device signatures, ambient noise, and photographs. This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices. Instead of relying on one simplistic, worst-case threat model, we should use contextual information to develop more nuanced models that assess the risk level of the user's current environment. This would allow us to decrease or eliminate the level of user interaction required to authenticate in some situations, improving usability without any effective impact on security. Ideally, authentication mechanisms will scale up or down to match users' own mental threat models of their environments. We sketch out several scenarios demonstrating how contextual information can be used to assess risks and adapt authentication mechanisms. This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information. |
Databáze: | OpenAIRE |
Externí odkaz: |