The Evolution of Authentication

An analysis of 6 million accounts showed that 10,000 common passwords would have access to 99.8% of the accounts. When looking at passwords for banking accounts, it can be found that 73% of users shared their online banking password with at least one non-financial site, which means that when the non-banking site gets hacked, the banking account is threatened. And it’s not only about security. According to a recent study conducted by the Ponemon Institute, more than 45% of the online transactions fail “Very Frequently” or “Frequently” due to authentication problems. Passwords do not work, yet no other technologies have been broadly deployed, why is that?

[1]  Ray Hunt,et al.  Trustworthy clients: Extending TNC to web-based environments , 2009, Comput. Commun..

[2]  Stuart E. Schechter,et al.  The Emperor's New Security Indicators , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[3]  Eric Rofes,et al.  Christchurch, New Zealand , 2003, The Statesman’s Yearbook Companion.

[4]  Robert Tappan Morris,et al.  USENIX Association Proceedings of HotOS IX : The 9 th Workshop on Hot Topics in Operating Systems , 2003 .

[5]  Harald Schumny,et al.  Next generation , 2005, Comput. Stand. Interfaces.

[6]  Gregory D. Williamson Enhanced Authentication In Online Banking , 2006 .

[7]  Scott A. Rotondo Trusted Computing Group , 2011, Encyclopedia of Cryptography and Security.

[8]  Ray A. Perlner,et al.  Electronic Authentication Guideline , 2014 .

[9]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[10]  Andreas Leicher,et al.  Trusted computing enhanced user authentication with OpenID and trustworthy user interface , 2011 .

[11]  Steve Smith 10 steps to Bring Your Own Device , 2013 .

[12]  Anil K. Jain,et al.  Continuous user authentication using temporal information , 2010, Defense + Commercial Sensing.

[13]  Cormac Herley,et al.  A large-scale study of web password habits , 2007, WWW '07.

[14]  L. Blunk Vollbrecht Consulting LLC , 2004 .

[15]  Sally Hudson Analyst Q&A: IDC , 2011 .

[16]  Sascha Rehbock Trustworthy Clients : Architectural Approaches for Extending TNC to Web-Based Environments , 2009 .

[17]  Frank Stajano,et al.  The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes , 2012, 2012 IEEE Symposium on Security and Privacy.

[18]  Michael Weber,et al.  Password entry usability and shoulder surfing susceptibility on different smartphone platforms , 2012, MUM.

[19]  M. S. Obaidat,et al.  Keystroke Dynamics Based Authentication , 1996 .

[20]  Václav Matyás,et al.  Biometric authentication - security and usability , 2002, Communications and Multimedia Security.

[21]  Martha E. Crosby,et al.  Continuous identity authentication using multimodal physiological sensors , 2004, SPIE Defense + Commercial Sensing.

[22]  John A. Clark,et al.  A Survey of Authentication Protocol Literature , 2010 .

[23]  Michael Franz,et al.  Semantic remote attestation: a virtual machine directed approach to trusted computing , 2004 .