Towards authentication via selected extraction from electronic personal histories

Nosseir, A. and Terzis, Sotirios; Filipe, Joaquim and Cordeiro, Jose, eds. (2011) Towards authentication via selected extraction from electronic personal histories. In: Enterprise Information Systems. Lecture Notes in Business Information Processing . Springer, PRT, pp. 571-586. ISBN 9783642198014 (https://doi.org/10.1007/978-3-642-19802-1_39)

Full text not available in this repository.Request a copy

Abstract

Authentication via selected extraction from electronic personal histories is a novel question-based authentication technique. This paper first presents a study using academic personal web site data that investigated the effect of using image-based authentication questions. By assessing the impact on both genuine users and attackers the study concluded that from an authentication point of view (a) an image-based representation of questions is beneficial; (b) a small increase in the number of distracters/options in closed questions is positive; and (c) the ability of attackers, close to genuine users, to answer correctly with high confidence, genuine users’ questions is limited. Second, the paper presents the development of a web-based prototype for automated generation of image-based authentication questions. The prototype makes clear that although possible to largely automate the generation of authentication questions, this requires significant engineering effort and further research. These results are encouraging for the feasibility of the technique.

CORE (COnnecting REpositories)