A new risk-based authentication management model oriented on user's experience
Mariusz Sepczuk , Zbigniew Kotulski
AbstractWith the increasing role of numerous Internet services, more and more private data must be protected. One of the mechanisms which is used to ensure data security is user authentication. A reliable authentication mechanism is a foundation of security of a remote service but, on the other hand, it is also a source of user frustration because of fear of losing access in case of three failures. A remedy to this problem could be contextual secure authentication. Such a protocol should provide multi-level authentication mechanism which increases user satisfaction without decreasing a protection level. In this paper we propose a risk analysis procedure of a new authentication management model using contextual data and oriented on user experience. We describe an approach to risk assessment of the mechanism, which supports a process of choosing the proper multi-step authentication procedure. On this basis, it is possible to provide a security solution which keeps balance between user satisfaction (related to QoE) and the obtained Level of Security (related to QoP).
|Journal series||Computers & Security, ISSN 0167-4048|
|Publication size in sheets||1.75|
|Keywords in English||Authentication, Risk assessment, Authentication systems management, Contextual security, Quality of Experience, Quality of Protection|
|Score|| = 30.0, 19-10-2017, ArticleFromJournal|
= 30.0, 19-10-2017, ArticleFromJournal
|Publication indicators||: 2016 = 2.849 (2) - 2016=2.943 (5)|
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.