Nosseir, A. and Terzis, S. (2010) A study in authentication via electronic personal history questions. In: Proceedings of the 12th International Conference on Enterprise Information Systems. UNSPECIFIED, pp. 63-70.
ICEIS_Paper_CR.pdf - Submitted Version
Restricted to Registered users only
Download (492kB) | Request a copy from the Strathclyde author
Authentication via electronic personal history questions is a novel technique that aims to enhance questionbased authentication. This paper presents a study that is part of a wider investigation into the feasibility of the technique. The study used academic personal web site data as a source of personal history information, and studied the effect of using an image-based representation of questions about personal history events. It followed a methodology that assessed the impact on both genuine users and attackers, and provides a deeper insight into their behaviour. From an authentication point of view, the study concluded that (a) an imagebased representation of questions is certainly beneficial; (b) a small increase in the number of distracters/options used in closed questions has a positive effect; and (c) despite the closeness of the attackers their ability to answer correctly with high confidence questions about the genuine users’ personal history is limited. These results are encouraging for the feasibility of the technique.
|Item type:||Book Section|
|Keywords:||electronic personal histories , authentication, security applications, Electronic computers. Computer science|
|Subjects:||Science > Mathematics > Electronic computers. Computer science|
|Department:||Faculty of Science > Computer and Information Sciences|
|Depositing user:||Pure Administrator|
|Date Deposited:||14 Nov 2011 13:21|
|Last modified:||06 May 2016 19:38|