History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
The Art and Science of Computer Security
The Art and Science of Computer Security
Fourth-factor authentication: somebody you know
Proceedings of the 13th ACM conference on Computer and communications security
Introducing secure provenance: problems and challenges
Proceedings of the 2007 ACM workshop on Storage security and survivability
A logical framework for history-based access control and reputation systems
Journal of Computer Security
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Towards semantics for provenance security
TAPP'09 First workshop on on Theory and practice of provenance
Preventing history forgery with secure provenance
ACM Transactions on Storage (TOS)
A Formal Framework for Provenance Security
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
Hi-index | 0.00 |
Authentication is one of the most fundamental security problems. To date, various distinct authentication factors such as passwords, tokens, certificates, and biometrics have been designed for authentication. In this paper, we propose using the history or provenance of previous interactions and events as the generic platform for all authentication challenges. In this paradigm, provenance of past interactions with the authenticating principle or a third party is used to authenticate a user. We show that the interaction provenance paradigm is generic and can be used to represent existing authentication factors, yet allow the use of newer methods. We also discuss how authentication based on interactions can allow very flexible but complex authentication and access control policies that are not easily possible with current authentication models.