Usable Multi-factor Authentication and Risk-based Authorization

Abstract

This effort developed a set of usable authentication and authorization technologies that create a strong tie between transactional identity and physical identity. Specifically, the effort conducted psychometric studies on the end user perception of risk and used this to drive mechanisms to align end-user perception of risk with the actual value at-risk in transactions. Used sensors available on mobile phones to design multi-factor authentication based on a fusion of biometric sensors chosen for optimal performance. Explored how risk indicators and authentication interfaces will be securely implemented on mobile platforms. Investigated protocols to maintain the integrity and liveness of biometric data, enhance d user trust in the authentication process, and balanced the security requirements of the user and the service provider.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2015
Accession Number
ADA619643

Entities

People

  • Larry Koved

Organizations

  • International Business Machines Corporation (Armonk, NY)

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Human Systems

DTIC Thesaurus Topics

  • Authentication
  • Biometric Security
  • Communication Channels
  • Computational Science
  • Computer Access Control
  • Computer Network Security
  • Computer Programming
  • Computers
  • Cybersecurity
  • Data Analysis
  • Mobile Devices
  • Mobile Phones
  • Monte Carlo Method
  • Network Science
  • Operating Systems
  • Security Protocols
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Psychological Intervention/Treatment for Stress, Anxiety, PTSD, and Related Emotional and Cognitive Health Symptoms.