An empirical study of an authentication

Ann Nosseir, Richard Connor, Crawford Revie

Research output: Contribution to conferencePaper

Abstract

On the Internet, there is an uneasy tension between the security and usability of authentication mechanisms. An easy three-part classification is: 'something you know' (e.g. password); 'something you hold' (e.g. device holding digital certificate), and 'who you are' (e.g. biometric assessment) [9]. Each of these has well-known problems; passwords are written down, guessable, or forgotten; devices are lost or stolen, and biometric assays alienate users. We have investigated a novel strategy of querying the user based on their personal history (a 'Rip van Winkle' approach.) The sum of this information is large and well-known only to the individual. The volume is too large for impostors to learn; our observation is that, in the emerging environment, it is possible to collate and automatically query such information as an authentication test.
Original languageEnglish
Publication statusPublished - 2006
EventACM Human Computer Interaction Conference - Montreal, Canada
Duration: 24 Apr 200627 Apr 2006

Conference

ConferenceACM Human Computer Interaction Conference
CityMontreal, Canada
Period24/04/0627/04/06

Keywords

  • internet authentication
  • internet security
  • usability

Fingerprint Dive into the research topics of 'An empirical study of an authentication'. Together they form a unique fingerprint.

  • Cite this

    Nosseir, A., Connor, R., & Revie, C. (2006). An empirical study of an authentication. Paper presented at ACM Human Computer Interaction Conference, Montreal, Canada, .