Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
ZeTA - Zero-Trust Authentication: Relying on Innate Human Ability, not Technology
Tech Univ Darmstadt, Darmstadt, Germany.
Glasgow University, Scotland.
Glasgow University, Scotland.
Tech Univ Darmstadt, Darmstadt, Germany.
Visa övriga samt affilieringar
2016 (Engelska)Ingår i: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), IEEE, 2016, s. 357-371Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Reliable authentication requires the devices and channels involved in theprocess to be trustworthy; otherwise authentication secrets can easily becompromised. Given the unceasing efforts of attackers worldwide suchtrustworthiness is increasingly not a given. A variety of technicalsolutions, such as utilising multiple devices/channels and verificationprotocols, has the potential to mitigate the threat of untrustedcommunications to a certain extent. Yet such technical solutions make twoassumptions: (1) users have access to multiple devices and (2) attackerswill not resort to hacking the human, using social engineering techniques.In this paper, we propose and explore the potential of using human-basedcomputation instead of solely technical solutions to mitigate the threat ofuntrusted devices and channels. ZeTA (Zero  Trust Authentication on untrusted channels) has the potentialto allow people to authenticate despite compromised channels orcommunications and easily observed usage. Our contributions are threefold:(1) We propose the ZeTA protocol with a formal definition and securityanalysis that utilises semantics and human-based computation to amelioratethe problem of untrusted devices and channels.(2) We  outline a security analysis to assess the envisaged performance ofthe proposed authentication protocol.(3) We report on  a  usability study that explores the viability of relyingon human computation in this context.

Ort, förlag, år, upplaga, sidor
IEEE, 2016. s. 357-371
Serie
IEEE Symposium on Security and Privacy, ISSN 1081-6011
Nyckelord [en]
MRC PSYCHOLINGUISTIC DATABASE; SEMANTIC RELATIONS; COMMUNICATION; SIMILARITY; ENGLISH
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-42084DOI: 10.1109/EuroSP.2016.35ISI: 000386286200023ISBN: 978-1-5090-1751-5 (tryckt)OAI: oai:DiVA.org:kau-42084DiVA, id: diva2:930056
Konferens
EuroS&P'16 : IEEE European Symposium on Security and Privacy, 21-24 March 2016, Saarbrucken
Tillgänglig från: 2016-05-21 Skapad: 2016-05-21 Senast uppdaterad: 2018-06-04Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltext

Personposter BETA

Volkamer, Melanie

Sök vidare i DiVA

Av författaren/redaktören
Volkamer, Melanie
Av organisationen
Institutionen för matematik och datavetenskap
Datavetenskap (datalogi)

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 170 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf