The case for transient authentication

Authors:
Brian D. Noble;Mark D. Corner
Affiliations:
University of Michigan, Ann Arbor, MI;University of Michigan, Ann Arbor, MI
Venue:
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Year:
2002

Citing 11
Cited 4

A cryptographic file system for UNIX

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
File-system development with stackable layers

ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
Zero-interaction authentication

Proceedings of the 8th annual international conference on Mobile computing and networking
An Introduction to Evaluating Biometric Systems

Computer
An Iris Biometric System for Public and Personal Use

Computer
An Introduction to Evaluating Biometric Systems

Computer
Application Design for a Smart Watch with a High Resolution Display

ISWC '00 Proceedings of the 4th IEEE International Symposium on Wearable Computers
Protecting unattended computers without software

ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Encrypting virtual memory

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Secure coprocessors in electronic commerce applications

WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
FiST: a language for stackable file systems

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference

Zero-interaction authentication

Proceedings of the 8th annual international conference on Mobile computing and networking
Protecting applications with transient authentication

Proceedings of the 1st international conference on Mobile systems, applications and services
Context sensitive adaptive authentication

EuroSSC'07 Proceedings of the 2nd European conference on Smart sensing and context
Non-standards for trust: foreground trust and second thoughts for mobile security

STM'11 Proceedings of the 7th international conference on Security and Trust Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

How does a machine know who is using it? Currently, systems assume that the user typing now is the same person who supplied a password days ago. Such persistent authentication is inappropriate for mobile and ubiquitous systems, because associations between people and devices are fleeting. To address this, we propose transient authentication. In this model, a user wears a small hardware token that authenticates the user to other devices over a short-range, wireless link. This paper presents the four principles of transient authentication, our experience applying the model to a cryptographic file system, and our plans for extending the model to other services and applications.