Abstract
The mobile device has become a ubiquitous technology that is capable of supporting an increasingly large array of services, applications and information. Given their increasing importance, it is imperative to ensure that such devices are not misused or abused. Unfortunately, a key enabling control to prevent this, user authentication, has not kept up with the advances in device technology. This paper presents the outcomes of a 2 year study that proposes the use of transparent and continuous biometric authentication of the user: providing more comprehensive identity verification; minimizing user inconvenience; and providing security throughout the period of use. A Non-Intrusive and Continuous Authentication (NICA) system is described that maintains a continuous measure of confidence in the identity of the user, removing access to sensitive services and information with low confidence levels and providing automatic access with higher confidence levels. An evaluation of the framework is undertaken from an end-user perspective via a trial involving 27 participants. Whilst the findings raise concerns over education, privacy and intrusiveness, overall 92% of users felt the system offered a more secure environment when compared to existing forms of authentication.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Clarke, N.L., Furnell, S.M.: Authentication of Users on Mobile Telephones - A Survey of Attitudes and Practices. Computers & Security 24(7), 519–527 (2005)
Clarke, N.L., Furnell, S.M.: Authenticating Mobile Phone Users Using Keystroke Analysis. International Journal of Information Security, 1–14 (2006)
Clarke, N.L., Mekala, A.R.: Transparent Handwriting Verification for Mobile Devices. In: Proceedings of the Sixth International Network Conference (INC 2006), Plymouth, UK, 11-14 July, pp. 277–288 (2006)
Clarke, N.L., Karatzouni, S., Furnell, S.M.: Transparent Facial Recognition for Mobile Devices. In: Proceedings of the 7th Security Conference, Las Vegas, June 2-3 (2008)
Denning, D.: Information Warfare & Security. ACM Press, US (1999)
Karatzouni, S., Furnell, S.M., Clarke, N.L., Botha, R.A.: Perceptions of User Authentication on Mobile Devices. In: Proceedings of the ISOneWorld Conference, Las Vegas, CD-Proceedings (0-9772107-6-6) (2007)
GSM World GSM Subscriber Statistics. GSMWorld.Com (2002), http://www.gsmworld.com
Lemos, R.: Passwords: The Weakest Link? Hackers can crack most in less than a minute. CNET News.Com (2002), http://news.com.com/2009-1001-916719.html
Rosa, L.: Biometric Source Code. Advanced Source Code (2008), http://www.advancedsourcecode.com
Shaw, K.: Data on PDAs mostly unprotected. Network World Fusion (2004), http://www.nwfusion.com
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Clarke, N., Karatzouni, S., Furnell, S. (2009). Flexible and Transparent User Authentication for Mobile Devices. In: Gritzalis, D., Lopez, J. (eds) Emerging Challenges for Security, Privacy and Trust. SEC 2009. IFIP Advances in Information and Communication Technology, vol 297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01244-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-01244-0_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01243-3
Online ISBN: 978-3-642-01244-0
eBook Packages: Computer ScienceComputer Science (R0)