Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Dynamic identity verification via keystroke characteristics
International Journal of Man-Machine Studies
Message authentication by integrity with public corroboration
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Reducing shoulder-surfing by using gaze-based password entry
Proceedings of the 3rd symposium on Usable privacy and security
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Panic passwords: authenticating under duress
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Internet geolocation: Evasion and counterevasion
ACM Computing Surveys (CSUR)
We have met the enemy and he is us
Proceedings of the 2008 workshop on New security paradigms
VideoTicket: detecting identity fraud attempts via audiovisual certificates and signatures
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
So long, and no thanks for the externalities: the rational rejection of security advice by users
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
IEEE Security and Privacy
A prototype real-time intrusion-detection expert system
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Countering identity theft through digital uniqueness, location cross-checking, and funneling
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Biometrics: a tool for information security
IEEE Transactions on Information Forensics and Security
On the Feasibility of Internet-Scale Author Identification
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
IEEE Transactions on Circuits and Systems for Video Technology
Free vs. transcribed text for keystroke-dynamics evaluations
Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results
Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems
Proceedings of the 2012 workshop on New security paradigms
IEEE Security and Privacy
Does my password go up to eleven?: the impact of password meters on password selection
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
| Hi-index | 0.00 |
In the real world we do authentication hundreds of times a day with little effort and strong confidence. We believe that the digital world can and should catch up. The focus of this paper is about authentication for critical applications. Specifically, it is about the fundamentals for evaluating whether or not someone is who they say they are by using combinations of multiple meaningful and measurable input factors. We present a "gold standard" for authentication that builds from what we naturally and effortlessly do everyday in a face-to-face meeting. We also consider how such authentication systems can enable resilience to users under duress. This work differs from much of the other work in authentication first by focusing on authentication techniques that provide meaningful measures of confidence in identity and also by using a multifaceted approach that comprehensively integrates multiple factors into a continuous authentication system, without adding burdensome overhead to users.