A study in authentication via electronic personal history questions

A. Nosseir, S. Terzis

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

5 Citations (Scopus)

Abstract

Authentication via electronic personal history questions is a novel technique that aims to enhance questionbased authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper
insight into their behaviour. From an authentication point of view, the study concluded that (a) an imagebased representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the
attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.
LanguageEnglish
Title of host publicationProceedings of the 12th International Conference on Enterprise Information Systems
EditorsJose Cordeiro
Pages63-70
Number of pages8
Publication statusPublished - Jun 2010
Event12th International Conference on Enterprise Information Systems - Funchal, Portugal
Duration: 8 Jun 201012 Jun 2010

Conference

Conference12th International Conference on Enterprise Information Systems
CountryPortugal
CityFunchal
Period8/06/1012/06/10

Fingerprint

Authentication
Websites

Keywords

  • electronic personal histories
  • authentication
  • security applications

Cite this

Nosseir, A., & Terzis, S. (2010). A study in authentication via electronic personal history questions. In J. Cordeiro (Ed.), Proceedings of the 12th International Conference on Enterprise Information Systems (pp. 63-70)
Nosseir, A. ; Terzis, S. / A study in authentication via electronic personal history questions. Proceedings of the 12th International Conference on Enterprise Information Systems. editor / Jose Cordeiro. 2010. pp. 63-70
@inproceedings{7cee57ac579442e683346fd1ba4930f3,
title = "A study in authentication via electronic personal history questions",
abstract = "Authentication via electronic personal history questions is a novel technique that aims to enhance questionbased authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper insight into their behaviour. From an authentication point of view, the study concluded that (a) an imagebased representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.",
keywords = "electronic personal histories , authentication, security applications",
author = "A. Nosseir and S. Terzis",
year = "2010",
month = "6",
language = "English",
pages = "63--70",
editor = "Jose Cordeiro",
booktitle = "Proceedings of the 12th International Conference on Enterprise Information Systems",

}

Nosseir, A & Terzis, S 2010, A study in authentication via electronic personal history questions. in J Cordeiro (ed.), Proceedings of the 12th International Conference on Enterprise Information Systems. pp. 63-70, 12th International Conference on Enterprise Information Systems, Funchal, Portugal, 8/06/10.

A study in authentication via electronic personal history questions. / Nosseir, A.; Terzis, S.

Proceedings of the 12th International Conference on Enterprise Information Systems. ed. / Jose Cordeiro. 2010. p. 63-70.

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - A study in authentication via electronic personal history questions

AU - Nosseir, A.

AU - Terzis, S.

PY - 2010/6

Y1 - 2010/6

N2 - Authentication via electronic personal history questions is a novel technique that aims to enhance questionbased authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper insight into their behaviour. From an authentication point of view, the study concluded that (a) an imagebased representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.

AB - Authentication via electronic personal history questions is a novel technique that aims to enhance questionbased authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper insight into their behaviour. From an authentication point of view, the study concluded that (a) an imagebased representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.

KW - electronic personal histories

KW - authentication

KW - security applications

UR - http://www.cis.strath.ac.uk/cis/research/publications/papers/strath_cis_publication_2482.pdf

UR - http://www.iceis.org/ICEIS2010/

M3 - Conference contribution book

SP - 63

EP - 70

BT - Proceedings of the 12th International Conference on Enterprise Information Systems

A2 - Cordeiro, Jose

ER -

Nosseir A, Terzis S. A study in authentication via electronic personal history questions. In Cordeiro J, editor, Proceedings of the 12th International Conference on Enterprise Information Systems. 2010. p. 63-70