ACCESS: Describing and Contrasting - Authentication Mechanisms

The password the almost universal authentication solution yet is buckling under the strain. It demonstrates insufficiency and weakness due to poor choice, reuse and ease of transfer. Graphical passwords, biometrics, and hardware tokens have been suggested as alternatives. Industry has, unfortunately, not embraced these alternatives. One possible explanation is the complexity of the choice process. To support authentication decision-markers we suggest a framework called ACCESS (Authentication ChoiCE Support System) which captures requirements, consults a knowledge base of existing authentication mechanisms and their properties, and suggests those mechanisms that match the specified requirements.

[1]  Muthucumaru Maheswaran,et al.  Feasibility of a Socially Aware Authentication Scheme , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[2]  D. Meadows-Klue The Tipping Point: How Little Things Can Make a Big Difference , 2004 .

[3]  Paul C. van Oorschot,et al.  Passwords: If We're So Smart, Why Are We Still Using Them? , 2009, Financial Cryptography.

[4]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.

[5]  Barry W. Boehm,et al.  Value-based processes for COTS-based applications , 2005, IEEE Software.

[6]  Mauro Conti,et al.  Mind how you answer me!: transparently authenticating the user of a smartphone when answering or placing a call , 2011, ASIACCS '11.

[7]  Brian D. Noble,et al.  Zero-interaction authentication , 2002, MobiCom '02.

[8]  Karen Renaud,et al.  Now what was that password again? A more flexible way of identifying and authenticating our seniors , 2007, Behav. Inf. Technol..

[9]  Luigi Catuogno,et al.  On the Security of a Two-Factor Authentication Scheme , 2010, WISTP.

[10]  Peter Van Dijck,et al.  Review of The tipping point: how little things can make a big difference by Malcom Gladwell. Little Brown & Company. , 2001 .

[11]  Alain Forget,et al.  Exploring usability effects of increasing security in click-based graphical passwords , 2010, ACSAC '10.

[12]  Pekka J. Korhonen,et al.  Multiple criteria decision support: The state of research and future directions , 1992, Comput. Oper. Res..

[13]  J. Stockman Effects of Computerized Clinical Decision Support Systems on Practitioner Performance and Patient Outcomes: A Systematic Review , 2006 .

[14]  M. Angela Sasse,et al.  Users are not the enemy , 1999, CACM.

[15]  Chip Heath,et al.  Made to stick : why some ideas take hold and others come unstuck , 2008 .

[16]  Drummond Reed,et al.  OpenID 2.0: a platform for user-centric identity management , 2006, DIM '06.

[17]  L. Tam,et al.  The psychology of password management: a tradeoff between security and convenience , 2010, Behav. Inf. Technol..

[18]  P Tugwell,et al.  A decision aid for women considering hormone therapy after menopause: decision support framework and evaluation. , 1998, Patient education and counseling.

[19]  J. Park,et al.  Development of a production cost estimation framework to support product family design , 2005 .

[20]  Sarah Sharples,et al.  The importance of usability in product choice: A mobile phone case study , 2009, Ergonomics.

[21]  Robert Biddle,et al.  A second look at the usability of click-based graphical passwords , 2007, SOUPS '07.

[22]  Andrew F. Monk User-Centred Design , 2000 .

[23]  Wendy Moncur,et al.  Pictures at the ATM: exploring the usability of multiple graphical passwords , 2007, CHI.

[24]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.

[25]  E. J. Kelley,et al.  The Importance of Convenience in Consumer Purchasing , 1958 .

[26]  Carsten Maple,et al.  Musipass: authenticating me softly with "my" song , 2009, NSPW '09.

[27]  高田哲司,et al.  "Exploring the Design Space of Graphical Passwords on Smartphones"の紹介 , 2013 .

[28]  Mervyn A. Jack,et al.  User perceptions of security, convenience and usability for ebanking authentication tokens , 2009, Comput. Secur..

[29]  Pekka Korhonen,et al.  Multiple criteria decision support - A review , 1992 .

[30]  John Urquhart Ferguson Mutually reinforcing systems , 2010, HCOMP '10.

[31]  Antonella De Angeli,et al.  Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems , 2005, Int. J. Hum. Comput. Stud..

[32]  Patel,et al.  Information Security: Theory and Practice , 2008 .

[33]  H. Lehmann,et al.  Clinical Decision Support Systems (cdsss) Have Been Hailed for Their Potential to Reduce Medical Errors Clinical Decision Support Systems for the Practice of Evidence-based Medicine , 2022 .

[34]  Peter Mayer,et al.  Are graphical authentication mechanisms as strong as passwords? , 2013, 2013 Federated Conference on Computer Science and Information Systems.

[35]  Andrew F. Monk,et al.  User-Centred Design , 2000, Encyclopedia of Database Systems.

[36]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.

[37]  Robert Frischholz,et al.  BioID: A Multimodal Biometric Identification System , 2000, Computer.

[38]  Joseph Maguire,et al.  An ecologically valid evaluation of an observation-resilient graphical authentication mechanism , 2013 .