• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

New approach to authentication - considering background and untrusted devices when taking the authentication decision

Haklaj, Merita
Master thesis
View/Open
18301_FULLTEXT.pdf (Locked)
18301_COVER.pdf (Locked)
URI
http://hdl.handle.net/11250/2616172
Date
2017
Metadata
Show full item record
Collections
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi [1558]
Abstract
IT usage today is typified by users that use multiple devices, including smartphones,

desktop PCs, laptops, tablets, etc. Thus, the need to repeatedly authenticate is

raised, and even with the most basic security in place this process can be a source

of frustration and inconvenience for the user.

This especially holds true for authentication on mobile devices where usage is frequent

but short. Thus, the struggle to balance usability and security in authentication

approaches has been present for some time now.

Several user-friendly authentication approaches have been introduced till now,

whose motivation was to reduce the number of intrusive authentications in mobile

devices as much as possible. Even though, by focusing too much on the user-friendliness

of the authentication approach, its security isn t completely addressed.

In this thesis, we propose a new user-friendly authentication approach, whose

focus is on security at the same time. It leverages the security potential of surrounding

devices of the user, specifically the devices that the user trusts, as well as the

non trusted devices which can be found in his/her surrounding.

We explore the capabilities of the devices that are not trusted /owned by the user

in increasing the security of our authentication approach. Those devices can either

be environmental background devices or untrusted devices.

Our research has shown that by increasing the level of security in a user-friendly

authentication approach, it is still possible to achieve a high number of automatic

(non-intrusive) authentications, except in the cases where it is not secure for the

mobile device to allow automatic access. We achieved up to 97.89% of automatic

authentications at the users home, which is considered to be a known environment

which the users most likely trust.

A high percentage of up to 72.99% of automatic authentications was achieved

at the users offices, which is also considered as a known environment, which the

users most likely trust. While a very low percentage of positive authentications was

achieved when the users were in unknown (possibly untrusted) environments. The

highest percentage of automatic authentications in this case was 6%. But, when

in such an environment the users most likely wouldn t have liked to have their

device open automatically, without any countermeasures in place. The increase

of security in our authentication approach can be seen by this low percentage of

automatic authentications in an unknown environment.
Publisher
NTNU

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit