The official PGP user's guide
A taxonomy for key escrow encryption systems
Communications of the ACM
Protecting secret keys with personal entropy
Future Generation Computer Systems - Special issue on security on the Web
Communications of the ACM
Error-tolerant password recovery
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Journaling versus soft updates: asynchronous meta-data protection in file systems
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Multi-domain trust management in variable-threat environments: a user-centric model
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
| Hi-index | 0.00 |
We propose a new framework for authentication mechanisms that seek to interact with users in a friendlier way. Human or community-centric authentication supports vanilla access to users who fail an initial attempt to identify themselves. This limited access enables them to communicate with their peer community to achieve authentication. The actions of users with vanilla access can be rolled back in case they do not progress to full authentication status. This mechanism is supported by a peer community trust infrastructure that exploits the effectiveness that humans have in understanding their communal roles in order to mitigate their lesser skill in remembering passwords or pins. The techniques involved essentially implement a human-centric key escrow and recovery mechanism.