مجال
التميز
|
تميز دراسي و بحثي
|
|
|
البحوث المنشورة
|
|
البحث (1):
|
|
عنوان البحث:
|
Continuous and
transparent multimodal authentication: reviewing the state of the art
|
رابط إلى البحث:
|
Click
here
|
تاريخ النشر:
|
26/11/2015
|
موجز عن البحث:
|
Individuals,
businesses and governments undertake an ever-growing range of activities
online and via various Internet-enabled digital devices. Unfortunately, these
activities, services, information and devices are the targets of cybercrimes.
Verifying the user legitimacy to use/access a digital device or service has
become of the utmost importance. Authentication is the frontline
countermeasure of ensuring only the authorized user is granted access;
however, it has historically suffered from a range of issues related to the
security and usability of the approaches. They are also still mostly
functioning at the point of entry and those performing sort of
re-authentication executing it in an intrusive manner. Thus, it is apparent
that a more innovative, convenient and secure user authentication solution is
vital. This paper reviews the authentication methods along with the current
use of authentication technologies, aiming at developing a current
state-of-the-art and identifying the open problems to be tackled and
available solutions to be adopted. It also investigates whether these
authentication technologies have the capability to fill the gap between high
security and user satisfaction. This is followed by a literature review of
the existing research on continuous and transparent multimodal
authentication. It concludes that providing users with adequate protection
and convenience requires innovative robust authentication mechanisms to be
utilized in a universal level. Ultimately, a potential federated biometric
authentication solution is presented; however it needs to be developed and
extensively evaluated, thus operating in a transparent, continuous and
user-friendly manner.
|
|
|
المؤتمرات العلمية:
|
|
|
|
المؤتمر (1):
|
|
عنوان المؤتمر:
|
11th
Australian Information Security Management Conference (AISM2013)
|
تاريخ الإنعقاد:
|
02/12/2013
|
مكان
الإنعقاد:
|
Perth, Australia
|
طبيعة المشاركة:
|
Paper presentation
|
عنوان المشاركة:
|
A
Conceptual Model for Federated Authentication in the Cloud
|
ملخص المشاركة:
|
Authentication is a
key security control for any computing system, whether that is a PC, server,
laptop, tablet or mobile phone. However, authentication is traditionally
poorly served, with existing implementations falling foul of a variety of weaknesses.
Passwords are poorly selected, reused and shared (to name but a few).
Research has suggested novel approaches to authentication such as transparent
authentication and cooperative and distributed authentication. However, these
technologies merely focus upon individual platforms rather than providing a
universal and federated authentication approach that can be used across
technologies and services. The advent of cloud computing, its universal
connectivity, scalability and flexibility, offers a new opportunity of
achieving usable and convenient authentication seamlessly in a technology and
service independent fashion. The approach introduces a new dedicated
authentication provider – the Managed Authentication Service Provider – that
is able to provide state-of-the-art centralised verification of authenticity.
However, relying upon such an environment also introduces a range of
technology, privacy and trust-related issues that must be overcome.
|
|
|
المؤتمر (2):
|
|
عنوان المؤتمر:
|
International
Conference on Cloud Computing (ICCC15)
|
تاريخ الإنعقاد:
|
27/04/2015
|
مكان
الإنعقاد:
|
Riyadh, Saudi
Arabia
|
طبيعة المشاركة:
|
Paper presentation
|
عنوان المشاركة:
|
The
Current Use of Authentication Technologies: An Investigative Review
|
ملخص المشاركة:
|
Individuals,
businesses and governments undertake an ever-growing range of activities
online and via various Internet-enabled digital devices. Unfortunately, these
activities, services, information and devices are the targets of cybercrimes.
Verifying the user legitimacy to use/access a digital device or service has
become of the utmost importance. Authentication is the frontline
countermeasure of ensuring only the authorized user is granted access;
however, it has historically suffered from a range of issues related to the
security and usability of the approaches. Further to this, they are still
mostly functioning at the point of entry and those performing sort of
re-authentication executing it in an intrusive manner. This paper reviews the
authentication methods along with the current use of authentication
technologies, aiming at developing a current state-of-the-art understanding
addressing the open problems to be tackled and available solutions to be
adopted. Furthermore, it investigates whether these authentication
technologies have the capability to fill the gap between high security and
user satisfaction. Ultimately, it concludes that providing users with
adequate protection and convenience requires innovative robust authentication
mechanisms to be utilized in a universal level, thus operating in a
transparent, continuous and user-friendly manner.
|
|
|
المؤتمر (3):
|
|
عنوان المؤتمر:
|
14th
European Conference on Cyber Warfare and Security
|
تاريخ الإنعقاد:
|
01/07/2015
|
مكان
الإنعقاد:
|
Hatfield, UK
|
طبيعة المشاركة:
|
Paper presentation
|
عنوان المشاركة:
|
A Survey
of Continuous and Transparent Multibiometric Authentication Systems
|
ملخص المشاركة:
|
The advancement of
technologies and the increasing number of users utilising them has given rise
to a significant concern over protecting them from misuse. The integral aim
of any IT system is to safeguard resources against any illegitimate access
and authentication is the cornerstone to enabling this. Arguably, existing
user authentication approaches have not adequately advanced proportionally
with the advancement of digital devices technologies. The majority of
implementations also operate merely at point-of-entry, providing little
consideration to on-going identity confidence, leaving the system susceptible
to misuse. Research has proposed continuous authentication as an alternative
that can provide additional security, albeit introducing an additional burden
upon the user if not implemented considerately. A range of studies have been
proposed to overcome these downsides without compromising the user
convenience by continuously and transparently authenticating the user
throughout. This paper performs a survey and critical analysis of the domain,
in particular focussing upon the role that multibiometrics has and its
viability in practice. Studies have found that a variety of biometrics
techniques have been investigated including physiological only, behavioural
only and both, with the addition of soft biometrics or even passwords,
rendering them not to be completely transparent thereby suffering from
intrusive authentication drawbacks. The operational context also varies,
including PC, mobile, wearable, various devices, and the Internet/cloud.
Therefore, it is evident that there is a lack of an empirical solution that
can be accomplished seamlessly in a location, technology and service
independent fashion. With respect to performance, many studies never undertook
an evaluation; others declared heterogeneous metrics, making a comparison
implausible. Despite the fact that most of the studies deployed an identity
confidence/trust adaptation, a small proportion of them associated it to the
differing risk level of a particular data, action, or service. It is
perceived that the success of a particular mechanism has the merit of
ensuring an effective authentication method together with user acceptance.
However, it is paramount to have a high level of performance, scalability,
and interoperability amongst existing and future systems, services and
devices. Furthermore, all these requirements should be implemented and
evaluated extensively on real data in order to prove that such a system is
viable, including its acceptability and usability.
|
|
|
المؤتمر (4):
|
|
عنوان المؤتمر:
|
12th International Conference on Trust, Privacy
and Security in Digital Business (TrustBus 2015), Trust Privacy and Security
in Digital Business
|
تاريخ الإنعقاد:
|
01/09/2015
|
مكان
الإنعقاد:
|
Valencia, Spain
|
طبيعة المشاركة:
|
Paper presentation
|
عنوان المشاركة:
|
Security, Privacy
and Usability – A Survey of Users’ Perceptions and Attitudes
|
ملخص المشاركة:
|
Users are now in
possession of an ever-growing number of advance digital devices with a wide
range of capabilities which are used for accessing, storing and processing
enormous information. A significant proportion of it is often considered
sensitive and confidential. Accordingly, each device has its own associated
security requirements and configurations. This paper presents the survey
results of 302 digital device users, which aimed at exploring their
technology usage and security practices, and at investigating their
perceptions and satisfaction of associated current and alternative
authentication approaches alongside their usability. Furthermore, it sought
to analyse users’ awareness and attitudes towards related privacy issues. It
is revealed that an inconsistency between users’ perceptions and real
practices exists. Despite the widespread interest in more security, there is
a quite low number of respondents using or maintaining the available security
measures. However, it is apparent that users do not avoid applying the
concept of authentication security but avoid the inconvenience of its current
common techniques (biometrics are having growing practical interest). The
respondents’ perceptions towards Trusted Third-Party (TTP) enable utilising
biometrics for a novel authentication solution managed by a TTP working on
multi devices to access multi services. However, it must be developed and
implemented considerately.
|