Identity Authentication and Near Field Device Authentication for Smart Devices

January 2014

abstract: The widespread adoption of mobile devices gives rise to new opportunities and challenges for authentication mechanisms. Many traditional authentication mechanisms become unsuitable for smart devices. For example, while password is widely used on computers as user identity authentication, inputting password on small smartphone screen is error-prone and not convenient. In the meantime, there are emerging demands for new types of authentication. Proximity authentication is an example, which is not needed for computers but quite necessary for smart devices. These challenges motivate me to study and develop novel authentication mechanisms specific for smart devices. In this dissertation, I am interested in the special authentication demands of smart devices and about to satisfy the demands. First, I study how the features of smart devices affect user identity authentications. For identity authentication domain, I aim to design a continuous, forge-resistant authentication mechanism that does not interrupt user-device interactions. I propose a mechanism that authenticates user identity based on the user's finger movement patterns. Next, I study a smart-device-specific authentication, proximity authentication, which authenticates whether two devices are in close proximity. For prox- imity authentication domain, I aim to design a user-friendly authentication mechanism that can defend against relay attacks. In addition, I restrict the authenticated distance to the scale of near field, i.e., a few centimeters. My first design utilizes a user's coherent two-finger movement on smart device screen to restrict the distance. To achieve a fully-automated system, I explore acoustic communications and propose a novel near field authentication system. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2014

Computer science

acoustic communications

Identity

Mobile Authentication

Proximity Authentication

Smartphones

touch screen

Towards Seamless and Secure Mobile Authentication

January 2014

abstract: With the rise of mobile technology, the personal lives and sensitive information of everyday citizens are carried about without a thought to the risks involved. Despite this high possibility of harm, many fail to use simple security to protect themselves because they feel the benefits of securing their devices do not outweigh the cost to usability. The main issue is that beyond initial authentication, sessions are maintained using optional timeout mechanisms where a session will end if a user is inactive for a period of time. This interruption-based form of continuous authentication requires constant user intervention leading to frustration, which discourages its use. No solution currently exists that provides an implementation beyond the insecure and low usability of simple timeout and re-authentication. This work identifies the flaws of current mobile authentication techniques and provides a new solution that is not limiting to the user, has a system for secure, active continuous authentication, and increases the usability and security over current methods. / Dissertation/Thesis / Masters Thesis Computer Science 2014

Computer science

continuous mobile authentication

evaluation framework

mobile computing

mobile device security

physical smart key

usable security

ECG Authentication for Mobile Device

Arteaga Falconi, Juan Sebastian

January 2013

Mobile devices users are storing more and more private and often highly sensitive information on their mobiles. Protective measures to ensure that users of mobile devices are appropriately safeguarded are thus imperative to protect users. Traditional mobile login methods, like numerical or graphical passwords, are vulnerable to passive attacks. It is common for criminal s to gain access to victims' personal information by watching victims enter their passwords into their cellphone screens from a short distance away. With this in mind, a Biometric authentication algorithm based on electrocardiogram or ECG is proposed. In this system the user will only need to touch the ECG electrodes of the mobile device to gain access. With this authentication mode no one will be able to see the biometric pattern that is used to unlock the de vices. This will increase the protection for the users. The algorithm was tested with ten subjects from MCRlab at the University of Ottawa at different days and conditions using a two electrode ECG phone case. Several tests were performed in order to reach the best setting for the algorithm to work properly. The final results show that the system has a 1.41% of chance to accept false users and 81.82% of accepting the right users. The algorithm was also tested with 73 subjects from Physionet database and the results were around the same, which confirms the consistency of the algorithm. This is the first approach on mobile authentication using ECG biometric signals and shows a promising future for this technology to be used in mobiles.

Biometrics

ECG authentication

ECG Biometrics

ECG authentication for mobiles

ECG Identification

Biometrics for Mobiles

Mobile Authentication

Phone Authentication

ECG Phone Authentication

Improving the Security of Mobile Devices Through Multi-Dimensional and Analog Authentication

Gurary, Jonathan, Gurary

28 March 2018

No description available.

Computer Engineering

Computer Science

authentication

mobile authentication

graphical password

analog authentication

multi-dimensional authentication

shoulder-surfing

challenge-response

keystroke dynamics

virtual reality