Towards authentication via selected extraction from electronic personal histories

A. Nosseir, Sotirios Terzis

Research output: Chapter in Book/Report/Conference proceedingConference contribution book


Authentication via selected extraction from electronic personal histories is a novel question-based authentication technique. This paper first presents a study using academic personal web site data that investigated the effect of using image-based authentication questions. By assessing the impact on both genuine users and attackers the study concluded that from an authentication point of view (a) an image-based representation of questions is beneficial; (b) a small increase in the number of distracters/options in closed questions is positive; and (c) the ability of attackers, close to genuine users, to answer correctly with high confidence, genuine users’ questions is limited. Second, the paper presents the development of a web-based prototype for automated generation of image-based authentication questions. The prototype makes clear that although possible to largely automate the generation of authentication questions, this requires significant engineering effort and further research. These results are encouraging for the feasibility of the technique.
Original languageEnglish
Title of host publicationEnterprise Information Systems
Subtitle of host publicationRevised Selected Papers of the 12th International Conference on Enterprise Information Systems
EditorsJoaquim Filipe, Jose Cordeiro
Number of pages16
ISBN (Print)9783642198014
Publication statusPublished - 2011
Event12th International Conference, ICEIS 2010 - Funchal-Madeira, Portugal
Duration: 8 Jun 201012 Jun 2010

Publication series

NameLecture Notes in Business Information Processing
ISSN (Print)1865-1348
ISSN (Electronic)1865-1356


Conference12th International Conference, ICEIS 2010


  • electronic personal histories
  • authentication
  • computer science
  • enterprise information systems
  • security usability


Dive into the research topics of 'Towards authentication via selected extraction from electronic personal histories'. Together they form a unique fingerprint.

Cite this